Problems using Kerberos telnet

Marcio d'Avila Scheibler marcio at cpd.ufsm.br
Thu Mar 21 12:28:45 EST 2002 

I've seen in somewhere you must configure your system
so that hostname command returns FQDN, not just
base hostname.

For instance, /etc/hosts should have:

x.x.x.x		host.domain

and not

x.x.x.x		host


Telnet server what is delivered with MIT krb5 assumes its
own principal is host/hostname.domain at REALM, that
needs to be stored in kdc database and also
needs to have their keytab in telnetd's host.


On Thu, 21 Mar 2002, Wyllys Ingersoll wrote:

> Date: Thu, 21 Mar 2002 12:08:21 -0500
> From: Wyllys Ingersoll <wyllys at eng.sun.com>
> To: kerberos at mit.edu
> Subject: Re: Problems using Kerberos telnet
> 
> 
> 
> >
> >Thanks for those debugging tips here is the output of the debugging with 
> >the kerberized telnet client:
> >
> [...]
> 
> >
> >Waiting for encryption to be negotiated...
> >RCVD DO AUTHENTICATION
> >RCVD IAC SB AUTHENTICATION SEND KERBEROS_V5 CLIENT|MUTUAL|ENCRYPT 
> >KERBEROS_V5 CLIENT|MUTUAL KERBEROS_V5 CLIENT|ONE-WAY
> > >>>TELNET: auth_send got: 02 06 02 02 02 00
> > >>>TELNET: He supports 2
> > >>>TELNET: Trying 2 6
> >telnet: Kerberos V5: failure on credentials(Server not found in Kerberos 
> >database)
> > >>>TELNET: He supports 2
> > >>>TELNET: Trying 2 2
> >telnet: Kerberos V5: failure on credentials(Server not found in Kerberos 
> >database)
> > >>>TELNET: He supports 2
> > >>>TELNET: Trying 2 0
> >telnet: Kerberos V5: failure on credentials(Server not found in Kerberos 
> >
> 
> This is the problem.  Is the hostname you entered at the client prompt 
> the same as the name
> of the server that is stored in the KDC?  It may be a DNS issue, try 
> specifying the
> fully-qualified hostname when you make your connection from the client.
> 
> A look at the KDC logs might help clear this up.
> 
> -wyllys
> 
> 
> 
> 
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
> 
> 

------------------------------------------------------------------------------
Marcio d'Avila Scheibler - Divisao de Suporte (marcio at cpd.ufsm.br)
Centro de Processamento de Dados - Campus Universitario - CEP 97105-900
Universidade Federal de Santa Maria - RS - Brasil
=============================================================================

More information about the Kerberos mailing list