Connection refused in call to connect...

John Green green at blueheronbio.com
Tue Mar 5 13:11:00 EST 2002


Hi, I'm relatively new to Kerberos, and I've run into a problem when trying
to replicate my database. I get the error: "Connection refused in call to
connect while opening connection to blah.blah.com." I'm using RH7.2. I've
seen a posting for this already, but my default encryption I've already set
to MIT standards. I have both servers in my kpropd.acl on both machines.
I've tried modifying my xinetd.conf, no luck, I tried modifying the files RH
has in /etc/xinetd.d (eklogin, klogin), and still no luck. I've tried
manually stating a port in the kprop command (kprop -f blahblah -P 754),
didn't work. I also tried pointing to the kpropd.acl with -a
kpropd.acl_location in xinetd.conf. My present setup is functioning well
with this exception, I have an LDAP directory and a mail server that uses
Kerberos for all passwords, and I can kadmin to the primary KDC from the
intended slave, so I know the GSS-API libraries are functioning.
So, here are a few questions:
I believe I do not have to set up a new principal on the slave, simply
import the existing one. Is this true? (I've seen conflicting reports)
Do I have to add keytabs for both machines(master-slave) on each machine? (I
tried this, and got a "Decrypt integrity check failed while getting intial
ticket")
Can anyone give me a clue what might be going wrong?

Thanks
John





More information about the Kerberos mailing list