Try to start another sshd instance by hand in server using another
port and enabling debuging options just to see error messages regarding
GSSAPI auth... Sometimes it shows the little errors that prevent auth
from proceeding successfully.
In your server, for instance, type
serverhost:/#
Hello,
I am testing the MIT kerberos 1.3.4 now. The KDC is still on version
1.2.8. I got a GSS-API error when I tried to use the kadmin client from
the 1.3.4 talking to the 1.2.8 server.
here is the error,
/opt/sbin/kadmin -p admabcd/admin
Couldn't open log file /var/log/kadmind.log.20040917
is still on version
1.2.8. I got a GSS-API error when I tried to use the kadmin client from
the 1.3.4 talking to the 1.2.8 server.
here is the error,
/opt/sbin/kadmin -p admabcd/admin
Couldn't open log file /var/log/kadmind.log.20040917: Permission denied
Authenticating as principal admabcd/admin
Thanks for the help. When I run install-strip it fails with the
following message:
making install in kadmin/cli...
make[3]: Entering directory
`/export/home/halla3/krb5-1.3.5/src/kadmin/cli'
../../config/install-sh -c -s kadmin.local
/tmp/drewkrb/sbin/kadmin.local
../../config/install-sh -c -s
In article [EMAIL PROTECTED], Andrew Hall wrote:
I have what I hope is an easy question. I have just downloaded and
compiled krb5 1.3.5 but for some reason the binaries produced were not
stripped. The install dir is over 300M :). I had strip in my path
prior to running configure.
Any ideas
Hi,
I downloaded the kerberos for windows from the url:
http://web.mit.edu/kerberos/www/dist/index.html#KFW2.6.4
.After I installed it , I run the Leash Kerberos ticket manager.
I can get a ticket from my kdc, it has no problem. But when I select the Action menu
and click the change password
I have successult gotten SEAM - AD to work on our Solaris 8 machines,
and am now trying to get it to work on our Solaris 9 servers. I have
setup the krb5.conf file exactly the same. I am unable to login with
my AD crednetials. I find this error in /var/adm/messages
PAM_KRB5 (auth): error
I've been looking for information on whether or not I can use an RSA
ACE/Server to pre-authenticate kerberos.
I've found some incredibly sketchy comments in the usenet archives and
there does appear to be several lines of code in the krb source that
references SecurID.
Is there specific
I've got this running on debian machines so I'm going to gamble that
you still need the kerberized ssh - apt-get install ssh-krb5 - do this
on the client and the server.
D.
David Kuhl
Parity Systems
[EMAIL PROTECTED]
---
rachel elizabeth dillon wrote:
Have you tried
Jeffrey Altman wrote:
There is no need to nor should you set the tkt and tgs enctypes.
MIT Kerberos 1.3 and higher support all of the enctypes used by
the Windows Kerberos SSPI.
If your service is running on Unix, then you must make sure that
you create a keytab containing entries for each
lyzhang == Lynn Zhang [EMAIL PROTECTED] writes:
lyzhang Should the kadmin form 1.3.4 talks to kadmind from 1.2.8? Or
lyzhang I may ignore the error, just upgrade the KDC first, then the
lyzhang client, so the kadmin client and server will be the same
lyzhang version.
The kadmin client from
Lynn == Lynn Zhang [EMAIL PROTECTED] writes:
Lynn Should the kadmin form 1.3.4 talks to kadmind from 1.2.8?
Yes.
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
Andrew == Andrew Hall [EMAIL PROTECTED] writes:
Andrew Looks like its trying to strip a tmp file because I don't
Andrew see that file in my install nor src trees.
more problematically it's trying to strip a shell script. I don't
know whether install-sh or the makefile is at fault
In regard to: Re: binaries not stripped, Andrew Hall said (at 12:13pm on...:
Thanks for the help. When I run install-strip it fails with the
following message:
making install in kadmin/cli...
make[3]: Entering directory
`/export/home/halla3/krb5-1.3.5/src/kadmin/cli'
../../config/install-sh -c -s
Jacques Lebastard wrote:
Jeffrey Altman wrote:
There is no need to nor should you set the tkt and tgs enctypes.
MIT Kerberos 1.3 and higher support all of the enctypes used by
the Windows Kerberos SSPI.
If your service is running on Unix, then you must make sure that
you create a keytab
On Sep 17, 2004, at 12:13, Andrew Hall wrote:
Thanks for the help. When I run install-strip it fails with the
following message:
making install in kadmin/cli...
make[3]: Entering directory
`/export/home/halla3/krb5-1.3.5/src/kadmin/cli'
../../config/install-sh -c -s kadmin.local
On Sep 17, 2004, at 15:27, Ken Raeburn wrote:
../../config/install-sh -c -s ./k5srvutil.sh
/tmp/drewkrb/sbin/k5srvutil
/usr/ccs/bin/sparcv9/strip: /tmp/drewkrb/sbin/_inst.20115_: invalid
file
type
Are you building sparcv9 (64-bit) executables? If you're building
normal (32-bit) sparc
-BEGIN PGP SIGNED MESSAGE-
The MIT Kerberos Team announces the availability of MIT Kerberos for
Windows 2.6.5.
The distribution packages and Release Notes are available from the
download link on the MIT Kerberos distribution page,
http://web.mit.edu/kerberos/dist/
The main MIT
On Fri, 17 Sep 2004, Tom Yu wrote:
lyzhang == Lynn Zhang [EMAIL PROTECTED] writes:
lyzhang Should the kadmin form 1.3.4 talks to kadmind from 1.2.8? Or
lyzhang I may ignore the error, just upgrade the KDC first, then the
lyzhang client, so the kadmin client and server will be the same
I still need to examine the trace in detail, but did you notice
whether there was a ticket request processed by the KDC in both cases?
---Tom
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
Error 70 is a Kerberos 4 error.
Does your KDC not support Kerberos 5?
You should not be receiving any Kerberos IV error messages for
change password unless your KDC does not speak Kerberos 5; or
you have deleted the krb5_32.dll file
Jeffrey Altman
jiangsukid wrote:
Hi,
I downloaded the
Jacques Lebastard wrote:
How can I check this and, second question, how can I generate a keytab
with RC4-HMAC encryption ? The ktpass tool does not accept the RC4-HMAC
crypto type:
[- /] crypto : Cryptosystem to use
[- /] crypto : is one of:
[- /] crypto : DES-CBC-CRC
On Fri, 17 Sep 2004, Tom Yu wrote:
I still need to examine the trace in detail, but did you notice
whether there was a ticket request processed by the KDC in both cases?
---Tom
The kadmin from 1.2.8 wrote information to the log,
Sep 17 17:02:47 Request: kadm5_init, admabcd/[EMAIL
lyzhang == Lynn Zhang [EMAIL PROTECTED] writes:
lyzhang The kadmin from 1.2.8 wrote information to the log,
lyzhang Sep 17 17:02:47 Request: kadm5_init, admabcd/[EMAIL PROTECTED],
lyzhang success,
lyzhang client=admabcd/[EMAIL PROTECTED], service=kadmin/[EMAIL PROTECTED],
lyzhang
Lynn Zhang [EMAIL PROTECTED] writes:
Date: Fri, 17 Sep 2004 16:32:52 -0400 (EDT)
From: Lynn Zhang [EMAIL PROTECTED]
To: Tom Yu [EMAIL PROTECTED]
In-Reply-To: [EMAIL PROTECTED]
Message-ID: [EMAIL PROTECTED]
References: [EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
MIME-Version:
lyzhang == Lynn Zhang [EMAIL PROTECTED] writes:
lyzhang The kadmin from 1.2.8 wrote information to the log,
lyzhang Sep 17 17:02:47 Request: kadm5_init, admabcd/[EMAIL PROTECTED]
U,
lyzhang success,
lyzhang client=admabcd/[EMAIL PROTECTED], service=kadmin/[EMAIL PROTECTED]
ICH.EDU,
26 matches
Mail list logo