David Telfer wrote: > To determine the keytab kvno; > > # /usr/local/sbin/ktutil > ktutil: rkt /etc/krb5.keytab > ktutil: list > slot KVNO Principal > ---- ---- > --------------------------------------------------------------------- > 1 3 HTTP/[EMAIL PROTECTED] > > This is the step I am unsure of, but I believe it indicates that the > keytab also has a KVNO of 3. Is this correct? > To clarify this, I have realised that I was jumping through too many hoops to determine the kvno of the keytab file.
I should have used; #./klist -k /etc/krb5.keytab This returns; Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 3 HTTP/[EMAIL PROTECTED] Indicating that both the Service Principal and keytab kvno's match. I think it would be wise for me to restart the process so I can be sure that the kvnos are starting at 1. From the determined kvno information, I am worried that starting again will not resolve my issue. Assuming that the kvno is reset to 1, using kvno and klist to determine the version number should return similar results to above, but showing the number to be 1. What would the difference be and would it resolve the pre-authentication issue? ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
