<html>
Hi,<br>
<br>
<x-tab> </x-tab>On
enabling of the telnetd logs....I get the following..and looks like there
is a mismatch in the enc algorithms used by the telned and kdc...<br>
<br>
<br>
<br>
Any clues???<br>
<br>
Jameel.<br>
<br>
<br>
[ TerminalId: <xterm> ]<br>
[ Trying mutual KERBEROS5 ]<br>
[ Sent Kerberos V5 credentials to server ]<br>
[ Kerberos V5 Response received ]<br>
[ Kerberos V5 accepts you as 'jsyed@HOUSTON.OMNE<br>
S.SLB.COM' ]<br>
[ Starting encryption ]<br>
[ Starting encryption ]<br>
[ Starting encryption ]<br>
[ Ending encryption ]<br>
telnetd: Authorization failed.<br>
>>>TELNETD: I will support DES_CFB64<br>
>>>TELNETD: I will support DES_OFB64<br>
>>>TELNETD: He is supporting DES_CFB64 (1)<br>
Creating new feed<br>
>>>TELNETD: (*ep->start)() returned 6<br>
>>>TELNETD: in encrypt_wait<br>
CFB64: init<br>
[ Connection closed ]<br>
ial vector received<br>
Initializing Decrypt stream<br>
(*ep->is)(8060c83, 9) returned MORE_TO_DO (7)<br>
(*e<br>
p->reply)(8060c83, 1) returned MORE_TO_DO (4)<br>
>>><br>
TELNETD: encrypt_reply returned 4<br>
>>>TELNETD: Enc<br>
rypt start: initial negotiation in progress (0) <br>
DES_CFB64<br>
>>>TELNETD: Started to encrypt output with type <br>
DES_CFB64<br>
>>>TELNETD: Encrypt start: initial negotiation i<br>
n progress (0) DES_CFB64<br>
>>>TELNETD: Started to encrypt output with type <br>
DES_CFB64<br>
>>>TELNETD: Request input to be encrypted<br>
>>>TELNETD: Encrypt start: initial negotiation i<br>
n progress (0) DES_CFB64<br>
>>>TELNETD: Started to encrypt output with type <br>
DES_CFB64<br>
>>>TELNETD: Start to decrypt input with type DES<br>
_CFB64<br>
>>>TELNETD: Start to decrypt input with type DES<br>
_CFB64<br>
>>>TELNETD: Start to decrypt input with type DES<br>
_CFB64<br>
>>>TELNETD: Start to decrypt input with type DES<br>
_CFB64<br>
>>>TELNETD: Output is back to clear text<br>
<br>
<br>
<br>
<blockquote type=cite class=cite cite>Date: Tue, 06 Aug 2002 12:34:27
-0500<br>
To: Rahul Raman <rraman@MIT.EDU><br>
From: Jameel Syed <jsyed@houston.sns.slb.com><br>
Subject: Re: Fwd: URGENT HELP NEEDED for Kerberos<br>
Cc: csri@sonata-software.com, kerberos@mit.edu<br>
<br>
Hi Rahul,<br>
<br>
<x-tab> </x-tab>Thanks for
your help. I forgot to create the keytab file for the host...Now I have
created it using kadmin..and the file is located at /etc/krb5.keytab
.<br>
<br>
But I am not sure where to get the srvtab from...I am the
admin of this KDC...but I donot know how to make this file....not sure if
this file is same as the kadm5.keytab file which gets created for the
administrator.<br>
<br>
Any clues????<br>
<br>
<br>
Currently..the telnet client throws the following error: The
kdc.log and the system log doesn't have any thing logged this time.<br>
<br>
[ TerminalId: <xterm> ]<br>
[ Trying mutual KERBEROS5 ]<br>
[ Sent Kerberos V5 credentials to server ]<br>
[ Kerberos V5 Response received ]<br>
[ Kerberos V5 accepts you as 'jsyed@HOUSTON.OMNE<br>
S.SLB.COM' ]<br>
[ Starting encryption ]<br>
[ Starting encryption ]<br>
[ Starting encryption ]<br>
[ Ending encryption ]<br>
telnetd: Authorization failed.<br>
<br>
[ Connection closed ]<br>
<br>
<br>
Thanks,<br>
Jameel.<br>
<br>
At 11:14 AM 8/6/2002 -0400, you wrote:<br>
<blockquote type=cite class=cite cite>Hi Jameel,<br>
<br>
I am still waiting to hear from someone in the kerberos mailling list. I
think my problem is with the srvtab file that I got from the MIT user
accounts. The krb5.keytab file that I have may be the incorrect
version and I am still trying to resolve this issue.<br>
<br>
The error that you see is a little different from mine. I get<br>
telnetd: krb5_rd_req failed: Unkown keytable type - indicates that there
is something wrong with my srvtab or krb5.keytab file.<br>
<br>
In your case you get "No such file or directory" which means
that you may not have the keytab file. You need to create this file from
a srvtab file. I dont know how you get a srvtab file for computers
outside MIT but the following link shows how to get the srvtab and create
keytab file.<br>
<br>
<a href="http://web.mit.edu/is/unix-vms/kerbinstall.html" eudora="autourl">http://web.mit.edu/is/unix-vms/kerbinstall.html</a><br>
<br>
I hope this information helps<br>
<br>
Rahul<br>
<br>
<br>
At 10:58 PM 8/5/2002 -0500, you wrote:<br>
<blockquote type=cite class=cite cite>Hi,<br>
<br>
<x-tab> </x-tab>I have
noticed that you were getting the same problem as I am getting right now.
I was wondering if you were able to resolve it...if so please advise
me...<br>
<br>
<br>
<br>
Thanks in advance.<br>
<br>
Jameel.<br>
<br>
<br>
<br>
<br>
<blockquote type=cite class=cite cite>Date: Mon, 05 Aug 2002 19:31:33
-0500<br>
From: Jameel Syed <jsyed@slb.com><br>
Subject: URGENT HELP NEEDED<br>
To: jsyed@slb.com<br>
Message-id: <3D4F18E5.43777351@slb.com><br>
Newsgroups: comp.protocols.kerberos<br>
<br>
Hi all,<br>
<br>
I have installed KDC on a linux , i686 machine. I am
using KTelnet<br>
as my telnet client to connect to the telnet server present on the
same<br>
machine from a Win2000 system.<br>
<br>
The KDC is MIT KDC 1.2.5 version downloaded from the mit
web<br>
site..and the telnet deamon is the one supplied with it.<br>
<br>
Everything goes on fine..the KTelnet client gets the TGT and
also<br>
service ticket..but the telnet deamon....gives me the following<br>
error.....It will be great if you'll help me resolve this
issue......<br>
<br>
<br>
Its very urgent and improtant for me to resolve it ASAP...<br>
<br>
Your help would be greatly appreciated.<br>
Thanks,<br>
Jameel.<br>
<br>
ERROR:<br>
<br>
<br>
[ TerminalId: <xterm> ]<br>
[ Trying mutual KERBEROS5 ]<br>
[ Sent Kerberos V5 credentials to server ]<br>
ð[ Kerberos V5 didn't accept you ]<br>
[ Reason: telnetd: krb5_rd_req failed: No such f<br>
ile or directory ]<br>
[ Trying mutual KERBEROS5 ]<br>
[ Sent Kerberos V5 credentials to server ]<br>
ð[ Kerberos V5 didn't accept you ]<br>
[ Reason: telnetd: krb5_rd_req failed: No such f<br>
ile or directory ]<br>
[ Trying KERBEROS5 ]<br>
[ Sent Kerberos V5 credentials to server ]<br>
ð[ Kerberos V5 didn't accept you ]<br>
[ Reason: telnetd: krb5_rd_req failed: No such file or directory ]<br>
telnetd: Authorization failed.<br>
<br>
[ Connection closed ]</blockquote><br>
<font size=5 color="#000080"><b>Schlumberger<x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><br>
<div align="right">
<x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab>Jameel
Syed<br>
<br>
</b></font><font size=4 color="#000080">Schlumberger Network
Solutions<br>
<i>5599 Sanfelipe<br>
Suite 1040<br>
Houston, TX-77056.<br>
Office: 713-513-3256</i></font></blockquote><br>
</div>
<font size=5 color="#000080"><b>Schlumberger<x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><br>
</font><div align="right">
<font face="@Batang" size=5 color="#000080"><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab>Jameel
Syed<br>
<br>
</b></font><font size=4 color="#000080">Schlumberger Network
Solutions<br>
<i>5599 Sanfelipe<br>
Suite 1040<br>
Houston, TX-77056.<br>
Office: 713-513-3256</i></font></blockquote>
<x-sigsep><p></x-sigsep>
</div>
<font size=5 color="#000080"><b>Schlumberger<x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><br>
</font><div align="right">
<font face="@Batang" size=5 color="#000080"><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab><x-tab> </x-tab>Jameel
Syed<br>
<br>
</b></font><font size=4 color="#000080">Schlumberger Network
Solutions<br>
<i>5599 Sanfelipe<br>
Suite 1040<br>
Houston, TX-77056.<br>
Office: 713-513-3256<br>
</font></i></div>
</html>