[32662] in Kerberos
Re: kprop: Software caused connection abort while authenticating
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Sep 13 19:33:34 2010
From: Greg Hudson <ghudson@mit.edu>
To: "Mark.Hendricks@humboldt.edu" <Mark.Hendricks@humboldt.edu>
In-Reply-To: <1458499354.1163401284162076013.JavaMail.root@zimbra.humboldt.edu>
Date: Mon, 13 Sep 2010 19:33:28 -0400
Message-ID: <1284420808.5992.1596.camel@ray>
Mime-Version: 1.0
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Fri, 2010-09-10 at 19:41 -0400, Mark.Hendricks@humboldt.edu wrote:
> /usr/kerberos/sbin/kprop: Software caused connection abort while authenticating to server
This error message corresponds to the code ECONNRESET. Such an error
can originate from a socket call, or from the krb5 library if the
connection is closed at an unexpected point in the krb5_sendauth
conversation.
A packet trace from the master's perspective could be enlightening.
Stepping through the kprop code could yield the same information, but
might not be as easy to carry out.
> Sep 10 16:28:18 [FQDN of SLAVE] krb5kdc[10815](info): AS_REQ (6 etypes {1 11 10 15 12 13}) 137.150.145.188: ISSUE: authtime 1284161298, etypes {rep=1 tkt=1 ses=1}, host/[FQDN of SLAVE]@REALM for host/[FQDN of SLAVE]@REALM
>
> Sep 10 14:36:30 [FQDN of MASTER-KDC] krb5kdc[10815](info): AS_REQ (6 etypes {1 11 10 15 12 13}) 137.150.145.188: ISSUE: authtime 1284154590, etypes {rep=1 tkt=1 ses=1}, host/[FQDN of MASTER-KDC]@REALM for host/[FQDN of MASTER-KDC]@REALM
These messages pertain to acquiring tickets, but don't say anything
about the AP-REQ/AP-REP exchange between the master and slave.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
