Key version number for principal in key table is incorrect

Donn Cave donn at u.washington.edu
Tue Jun 4 11:37:26 EDT 2002


Quoth turbo at bayour.com (Turbo Fredriksson):
...
| Using the dump of the current database I'm doing every night, I sat up
| the new KDC/KAdmin on rmgztk...
|
| I can authenticate etc between tuzjfi, which is a test machine I'm
| using to pre-test migrations etc on.

[if that's important, you should restate it to mean something -
"between tuzjfi" and what, what does "can authenticate" mean.]

| Getting a ticket on tuzjfi, from rmgztk goes well, but when I try to
| ktelnet to papadoc (tuzjfi, rmgztk and morwen is behind a firewall),
| using address-less tickets, I get

| [ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: Key version number for principal in key table is incorrect ]

Do you know how to find out what key versions you're using?

1.  klist -ke [/etc/krb5.keytab]
    klist -ke /var/krb5/krb5kdc/kadm5.keytab
2.  kadmin
    > getprinc host/papadoc....

Take note of encryption types.

	Donn Cave, donn at u.washington.edu



More information about the Kerberos mailing list