[31399] in Kerberos
Re: nfs/kerberos problems
daemon@ATHENA.MIT.EDU (Chantal Rosmuller)
Wed Aug 19 13:23:49 2009
From: Chantal Rosmuller <chantal@antenna.nl>
To: kerberos@mit.edu
Date: Wed, 19 Aug 2009 19:22:51 +0200
In-Reply-To: <c789fd70908181021q48ef644cl8815c20a7dc33964@mail.gmail.com>
MIME-Version: 1.0
Message-Id: <200908191922.51956.chantal@antenna.nl>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Tuesday 18 August 2009 19:21:23 Steve Glasser wrote:
> > added principal for client ubuntuhardy2
> >
> > addprinc -randkey host/ubuntuhardy2.localhost.network addprinc -randkey
> > nfs/ubuntuhardy2.localhost.network
> > client
> >
> > logged in on the client:
> >
> > kinit admin/admin
> > Password for admin/admin@LOCALHOST.NETWORK: r
> >
> > add principal for client
> >
> > kadmin: addprinc -randkey nfs/ubuntuhardy2.localhost.network
>
> It appears you created the host/ubuntuhardy2.localhost.network
> principal but did not extract the host key to the local keytab file on
> ubuntuhardy2, as you did with /ubuntuhardy1. I believe that is
> required; if I'm wrong someone please correct me.
>
> Cheers
Hi Steve, I tried but it doesn't help, here are my keytabs:
root@ubuntuhardy2:~# klist -e -k /etc/krb5.keytab
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
3 nfs/ubuntuhardy2.localhost.network@LOCALHOST.NETWORK (Triple DES cbc mode
with HMAC/sha1)
3 nfs/ubuntuhardy2.localhost.network@LOCALHOST.NETWORK (DES cbc mode with
CRC-32)
4 host/ubuntuhardy2.localhost.network@LOCALHOST.NETWORK (Triple DES cbc
mode with HMAC/sha1)
4 host/ubuntuhardy2.localhost.network@LOCALHOST.NETWORK (DES cbc mode with
CRC-32)
root@ubuntuhardy1:~# klist -e -k /etc/krb5.keytab
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
3 host/ubuntuhardy1.localhost.network@LOCALHOST.NETWORK (Triple DES cbc
mode with HMAC/sha1)
3 host/ubuntuhardy1.localhost.network@LOCALHOST.NETWORK (DES cbc mode with
CRC-32)
3 nfs/ubuntuhardy1.localhost.network@LOCALHOST.NETWORK (Triple DES cbc mode
with HMAC/sha1)
3 nfs/ubuntuhardy1.localhost.network@LOCALHOST.NETWORK (DES cbc mode with
CRC-32)
4 nfs/ubuntuhardy2.localhost.network@LOCALHOST.NETWORK (Triple DES cbc mode
with HMAC/sha1)
4 nfs/ubuntuhardy2.localhost.network@LOCALHOST.NETWORK (DES cbc mode with
CRC-32)
3 host/ubuntuhardy2.localhost.network@LOCALHOST.NETWORK (Triple DES cbc
mode with HMAC/sha1)
3 host/ubuntuhardy2.localhost.network@LOCALHOST.NETWORK (DES cbc mode with
CRC-32)
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
