kfw-2.1, Win98 and Linux KDC
Turbo Fredriksson
turbo at bayour.com
Fri Apr 19 02:09:32 EDT 2002
I'm trying to get a ticket on (one of) my homemachine(s), running Win98.
I have unpacked the 'kfw-2.1-bin.zip' in '\temp\'. CD'ing to the
'\temp\kfw-2.1\bin\i386\rel' directory and executing 'kinit.exec -5' will
prompt me for my password for 'turbo at BAYOUR.COM' as it should (no errors
there). But it can't get a ticket, this is what it tells me:
KINIT.EXE(v5): Preauthentication failed while getting initial credentials
The clock on the win machine is set manually by watching 'date' on the KDC.
It should only diff <= 1 sec...
The win machine is behind a Linux firewall (iptables), and the KDC is on
the 'Net. Getting tickets from my Linux machine at home (behind same fw)
works like a charm...
I get this in my KDC logs:
----- s n i p -----
==> /var/log/kerberos/krb5kdc.log <==
Apr 19 08:00:26 papadoc krb5kdc[7826](info): preauth (timestamp) verify failure: No matching key in entry
Apr 19 08:00:26 papadoc krb5kdc[7826](info): AS_REQ (3 etypes {16 1 3}) 213.67.237.35(88): PREAUTH_FAILED: turbo at BAYOUR.COM for krbtgt/BAYOUR.COM at BAYOUR.COM, Preauthentication failed
Apr 19 08:00:26 papadoc krb5kdc[7826](info): AS_REQ (3 etypes {16 1 3}) 213.67.237.35(88): NEEDED_PREAUTH: turbo at BAYOUR.COM for krbtgt/BAYOUR.COM at BAYOUR.COM, Additional pre-authentication required
Apr 19 08:00:26 papadoc krb5kdc[7826](info): preauth (timestamp) verify failure: No matching key in entry
Apr 19 08:00:26 papadoc krb5kdc[7826](info): AS_REQ (3 etypes {16 1 3}) 213.67.237.35(88): PREAUTH_FAILED: turbo at BAYOUR.COM for krbtgt/BAYOUR.COM at BAYOUR.COM, Preauthentication failed
----- s n i p -----
What exactly does 'preauth (timestamp) verify failure: No matching key in entry'
mean!?
--
iodine cracking BATF Rule Psix arrangements NSA SEAL Team 6 Saddam
Hussein FBI Panama congress Ortega Ft. Bragg Iran spy
[See http://www.aclu.org/echelonwatch/index.html for more about this]
More information about the Kerberos
mailing list