Kerberos error message

Jim Barlow jbarlow at
Wed Dec 11 12:48:07 EST 2002

That was an initial fix, however, the problem keeps cropping up.  So in order
to "fix" it we have a cron that runs every minute which removes the replay
cache.  One option is to compile w/o replay cache, which seems to decrease
security, and I am hesitant in doing that.  I am curious if anyone else has
seen any problems like this before, or similar problems with the reply
cache.  Is there any documentation on how the replay cache works which may
give me a clue as to why it's getting corrupted?


On Tue, Dec 10, 2002 at 10:18:11PM -0500, Ken Hornstein wrote:
> >Alot of our users have been getting the following popup error messages
> >when using their Eudora clients:
> >
> >Kclnt32 Server rejected: Server rejected authentication (during sendauth 
> >exchange) Permission denied in replay cache code
> >
> >Our mail server has been undergoing a number of changes (upgrade of hardware,
> >different disks, etc.) and we didn't see any of these until recently.  Has
> >anyone seen these before or know why they may appear?
> When I've seen this before, it's a result of corruption in the replay
> cache.  I've simply deleted it (probably /var/tmp/rc_pop_0) and it fixes
> the problem.
> --Ken

James J. Barlow   <jbarlow at>
Senior System/Security Engineer
National Center for Supercomputing Applications    Voice : (217)244-6403
605 East Springfield Avenue   Champaign, IL 61820   Cell : (217)840-0601                    Fax : (217)244-1987

More information about the Kerberos mailing list