Am 08.07.22 um 11:24 schrieb Berthold Cogel:
We're using the pam_krb5 shipped with Red Hat.
I've rebuild the module from the RHEL 7 source rpm on RHEL 8. And it
seems to work.... for some value of working....
Supported enctypes in our kdc:
aes256-cts-hmac-sha1-96:normal des-cbc-crc:normal des:afs3
We 'rekeyed' our AFS environment with aes256-cts-hmac-sha1-96:normal to
get connections from newer Ubuntu/Debian and Fedora 35 working.
We get a krb5 ticket and a login, but getting the AFS token gives errors:
"error obtaining credentials for 'afs/rrz.uni-koeln...@rrz.uni-koeln.de'
(enctype=1) on behalf of ....: No credentials found with supported
encryption types"
Same for two other enctypes.
So something else changed in RHEL 8, which we haven't found yet.
I forgot to add, that klog.krb5 is getting a token after login...
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
