Key version number for principal in key table is incorrect
Donn Cave
donn at u.washington.edu
Tue Jun 4 11:37:26 EDT 2002
Quoth turbo at bayour.com (Turbo Fredriksson):
...
| Using the dump of the current database I'm doing every night, I sat up
| the new KDC/KAdmin on rmgztk...
|
| I can authenticate etc between tuzjfi, which is a test machine I'm
| using to pre-test migrations etc on.
[if that's important, you should restate it to mean something -
"between tuzjfi" and what, what does "can authenticate" mean.]
| Getting a ticket on tuzjfi, from rmgztk goes well, but when I try to
| ktelnet to papadoc (tuzjfi, rmgztk and morwen is behind a firewall),
| using address-less tickets, I get
| [ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: Key version number for principal in key table is incorrect ]
Do you know how to find out what key versions you're using?
1. klist -ke [/etc/krb5.keytab]
klist -ke /var/krb5/krb5kdc/kadm5.keytab
2. kadmin
> getprinc host/papadoc....
Take note of encryption types.
Donn Cave, donn at u.washington.edu
More information about the Kerberos
mailing list