Fwd: Re: Fwd: URGENT HELP NEEDED for Kerberos

Jameel Syed jsyed at houston.sns.slb.com
Tue Aug 6 18:35:37 EDT 2002 

Hi,

         On enabling of the telnetd logs....I get the following..and looks 
like there is a mismatch in the enc algorithms used by the telned and kdc...



    Any clues???

Jameel.


[ TerminalId: <xterm> ]
[ Trying mutual KERBEROS5 ]
[ Sent Kerberos V5 credentials to server ]
[ Kerberos V5 Response received ]
[ Kerberos V5 accepts you as 'jsyed at HOUSTON.OMNE
S.SLB.COM' ]
[ Starting encryption ]
[ Starting encryption ]
[ Starting encryption ]
[ Ending encryption ]
telnetd: Authorization failed.
 >>>TELNETD: I will support DES_CFB64
 >>>TELNETD: I will support DES_OFB64
 >>>TELNETD: He is supporting DES_CFB64 (1)
Creating new feed
 >>>TELNETD: (*ep->start)() returned 6
 >>>TELNETD: in encrypt_wait
CFB64: init
[ Connection closed ]
ial vector received
Initializing Decrypt stream
(*ep->is)(8060c83, 9) returned MORE_TO_DO (7)
                                              (*e
p->reply)(8060c83, 1) returned MORE_TO_DO (4)
                                              >>>
TELNETD: encrypt_reply returned 4
                                  >>>TELNETD: Enc
rypt start: initial negotiation in progress (0)
DES_CFB64
 >>>TELNETD: Started to encrypt output with type
DES_CFB64
 >>>TELNETD: Encrypt start: initial negotiation i
n progress (0) DES_CFB64
 >>>TELNETD: Started to encrypt output with type
DES_CFB64
 >>>TELNETD: Request input to be encrypted
 >>>TELNETD: Encrypt start: initial negotiation i
n progress (0) DES_CFB64
 >>>TELNETD: Started to encrypt output with type
DES_CFB64
 >>>TELNETD: Start to decrypt input with type DES
_CFB64
 >>>TELNETD: Start to decrypt input with type DES
_CFB64
 >>>TELNETD: Start to decrypt input with type DES
_CFB64
 >>>TELNETD: Start to decrypt input with type DES
_CFB64
 >>>TELNETD: Output is back to clear text



>Date: Tue, 06 Aug 2002 12:34:27 -0500
>To: Rahul Raman <rraman at MIT.EDU>
>From: Jameel Syed <jsyed at houston.sns.slb.com>
>Subject: Re: Fwd: URGENT HELP NEEDED for Kerberos
>Cc: csri at sonata-software.com, kerberos at mit.edu
>
>Hi Rahul,
>
>         Thanks for your help. I forgot to create the keytab file for the 
> host...Now I have created it using kadmin..and the file is located at 
> /etc/krb5.keytab .
>
>    But I am not sure where to get the srvtab from...I am the admin of 
> this KDC...but I donot know how to make this file....not sure if this 
> file is same as the kadm5.keytab file which gets created for the administrator.
>
>    Any clues????
>
>
>    Currently..the telnet client throws the following error: The kdc.log 
> and the system log doesn't have any thing logged this time.
>
>[ TerminalId: <xterm> ]
>[ Trying mutual KERBEROS5 ]
>[ Sent Kerberos V5 credentials to server ]
>[ Kerberos V5 Response received ]
>[ Kerberos V5 accepts you as 'jsyed at HOUSTON.OMNE
>S.SLB.COM' ]
>[ Starting encryption ]
>[ Starting encryption ]
>[ Starting encryption ]
>[ Ending encryption ]
>telnetd: Authorization failed.
>
>[ Connection closed ]
>
>
>Thanks,
>Jameel.
>
>At 11:14 AM 8/6/2002 -0400, you wrote:
>>Hi Jameel,
>>
>>I am still waiting to hear from someone in the kerberos mailling list. I 
>>think my problem is with the srvtab file that I got from the MIT user 
>>accounts.  The krb5.keytab file that I have may be the incorrect version 
>>and I am still trying to resolve this issue.
>>
>>The error that you see is a little different from mine. I get
>>telnetd: krb5_rd_req failed: Unkown keytable type - indicates that there 
>>is something wrong with my srvtab or krb5.keytab file.
>>
>>In your case you get "No such file or directory" which means that you may 
>>not have the keytab file. You need to create this file from a srvtab 
>>file. I dont know how you get a srvtab file for computers outside MIT but 
>>the following link shows how to get the srvtab and create keytab file.
>>
>>http://web.mit.edu/is/unix-vms/kerbinstall.html
>>
>>I hope this information helps
>>
>>Rahul
>>
>>
>>At 10:58 PM 8/5/2002 -0500, you wrote:
>>>Hi,
>>>
>>>         I have noticed that you were getting the same problem as I am 
>>> getting right now. I was wondering if you were able to resolve it...if 
>>> so please advise me...
>>>
>>>
>>>
>>>Thanks in advance.
>>>
>>>Jameel.
>>>
>>>
>>>
>>>
>>>>Date: Mon, 05 Aug 2002 19:31:33 -0500
>>>>From: Jameel Syed <jsyed at slb.com>
>>>>Subject: URGENT HELP NEEDED
>>>>To: jsyed at slb.com
>>>>Message-id: <3D4F18E5.43777351 at slb.com>
>>>>Newsgroups: comp.protocols.kerberos
>>>>
>>>>Hi all,
>>>>
>>>>     I have installed KDC on a linux , i686 machine. I am using KTelnet
>>>>as my telnet client to connect to the telnet server present on the same
>>>>machine from a Win2000 system.
>>>>
>>>>    The KDC is MIT KDC 1.2.5 version downloaded from the mit web
>>>>site..and the telnet deamon is the one supplied with it.
>>>>
>>>>    Everything goes on fine..the KTelnet client gets the TGT and also
>>>>service ticket..but the telnet deamon....gives me the following
>>>>error.....It will be great if you'll help me resolve this issue......
>>>>
>>>>
>>>>Its very urgent and improtant for me to resolve it ASAP...
>>>>
>>>>Your help would be greatly appreciated.
>>>>Thanks,
>>>>Jameel.
>>>>
>>>>ERROR:
>>>>
>>>>
>>>>[ TerminalId: <xterm> ]
>>>>[ Trying mutual KERBEROS5 ]
>>>>[ Sent Kerberos V5 credentials to server ]
>>>>ð[ Kerberos V5 didn't accept you ]
>>>>[ Reason: telnetd: krb5_rd_req failed: No such f
>>>>ile or directory ]
>>>>[ Trying mutual KERBEROS5 ]
>>>>[ Sent Kerberos V5 credentials to server ]
>>>>ð[ Kerberos V5 didn't accept you ]
>>>>[ Reason: telnetd: krb5_rd_req failed: No such f
>>>>ile or directory ]
>>>>[ Trying KERBEROS5 ]
>>>>[ Sent Kerberos V5 credentials to server ]
>>>>ð[ Kerberos V5 didn't accept you ]
>>>>[ Reason: telnetd: krb5_rd_req failed: No such file or directory ]
>>>>telnetd: Authorization failed.
>>>>
>>>>[ Connection closed ]
>>>
>>>Schlumberger
>>> 
>>>Jameel Syed
>>>
>>>Schlumberger Network Solutions
>>>5599 Sanfelipe
>>>Suite 1040
>>>Houston, TX-77056.
>>>Office: 713-513-3256
>>
>>Schlumberger
>> 
>>Jameel Syed
>>
>>Schlumberger Network Solutions
>>5599 Sanfelipe
>>Suite 1040
>>Houston, TX-77056.
>>Office: 713-513-3256
>
>Schlumberger
> 
>Jameel Syed
>
>Schlumberger Network Solutions
>5599 Sanfelipe
>Suite 1040
>Houston, TX-77056.
>Office: 713-513-3256
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/kerberos/attachments/20020806/c8fda635/attachment.htm

More information about the Kerberos mailing list