When you manually "kinit; aklog", does that work? - a
Adam Chlipala <[EMAIL PROTECTED]> writes: > Adam Megacz wrote: >> One catch: I can't rename your kerberos principals [*], and I don't >> want to know your passwords (in order to create new principals). So, >> adamc/docelic/mwolson, could you please: [stuff] >> > > The transcript of my session: > > $ ssh -p 2222 [EMAIL PROTECTED] > Password for [EMAIL PROTECTED]: > Password: > Last login: Fri Mar 30 07:21:11 2007 from 1234bhost179.starwoodbroadband.com > [EMAIL PROTECTED]:~$ sudo kadmin.local > Authenticating as principal www-data/[EMAIL PROTECTED] with password. > kadmin.local: ank -policy admin [EMAIL PROTECTED] > Enter password for principal "[EMAIL PROTECTED]": > Re-enter password for principal "[EMAIL PROTECTED]": > add_principal: Principal or policy already exists while creating > "[EMAIL PROTECTED]". > kadmin.local: delprinc adamc/[EMAIL PROTECTED] > Are you sure you want to delete the principal "adamc/[EMAIL PROTECTED]"? > (yes/no): yes > Principal "adamc/[EMAIL PROTECTED]" deleted. > Make sure that you have removed this principal from all ACLs before reusing. > kadmin.local: > > Things that seem weird: > - Two password prompts on connecting with ssh > - Authenticating as principal 'www-data/...' > - Policy already exists > > Also, upon reconnecting (successfully, though again with two password > prompts): > > ssh [EMAIL PROTECTED] -p 2222 > Password for [EMAIL PROTECTED]: > Password: > Last login: Mon Apr 2 11:31:59 2007 from 206.169.168.190 > [EMAIL PROTECTED]:~$ tokens > > Tokens held by the Cache Manager: > > --End of list-- > [EMAIL PROTECTED]:~$ kinit > kinit(v5): Client not found in Kerberos database while getting initial > credentials -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
