In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote: > kinit test > Password for [EMAIL PROTECTED]: ... > However, I can't kinit using this keytab file: > > [EMAIL PROTECTED]/var/kerberos/krb5kdc]$ kinit -k kadm5test > kinit(v5): Cannot resolve network address for KDC in requested realm > while getting initial credentials
In the course of this message you don't show the same realm twice, for a total of four different realms (host.COM is not the same realm as HOST.COM.) If that's really the case, I believe it could account for the error shown above. You may find some details on this in the KDC syslog. The kadmin function that populates a keytab does create a new key version, so the old one is no longer valid for new ticket requests. That's normally a feature. If you want to store the key for a typeable password in a keytab, I believe you can use ktutil for this. Donn Cave, [EMAIL PROTECTED] > klist shows: > > [EMAIL PROTECTED] /var/kerberos/krb5kdc]$ klist > Ticket cache: FILE:/tmp/krb5cc_0 > Default principal: [EMAIL PROTECTED] > > Valid starting Expires Service principal > 01/20/05 14:53:59 01/21/05 00:53:59 krbtgt/[EMAIL PROTECTED] > > > Kerberos 4 ticket cache: /tmp/tkt0 > klist: You have no tickets cached > > A secondary problem is now the password seems to have been changed > after creating the keytab, and I can no longer kinit (without the > keytab): > > [EMAIL PROTECTED] /var/kerberos/krb5kdc]$ kinit test > Password for [EMAIL PROTECTED]: > kinit(v5): Password incorrect while getting initial credentials > > For testing purposes I'm using my hostname as my realm name. I've > tried logging in as root and as test, but get the same result. > ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
