kinit -S host/hostname.domain.com@REALM doesnot send TGS Request

Srinivas Cheruku csri at sonata-software.com
Thu Mar 28 23:40:20 EST 2002


Hi all,

When we use kinit to get the service ticket for a host, then it will not
send TGS_REQ but sends AS_REQ to the KDC.


$ ./kinit -S host/sonata-sparc.cybssl.com at SONHP3TEST.COM
Password for csri at SONHP3TEST.COM:
$

On the KDC log,
Mar 29 03:42:02 sonhp3 krb5kdc[5479](info): AS_REQ X.X.X.X(88): ISSUE:
authtime
1017373322, csri at SONHP3TEST.COM for
host/sonata-sparc.cybssl.com at SONHP3TEST.COM

That is it sending the AS_REQ instead of TGS_REQ.  Why it is asking for
password? Why it can't read the credential cache and acquire user and get
the service on the user's behalf?

$ ./klist
Ticket cache: FILE:/tmp/krb5cc_1020
Default principal: csri at SONHP3TEST.COM

Valid starting     Expires            Service principal
03/29/02 03:42:02  03/29/02 13:40:49
host/sonata-sparc.cybssl.com at SONHP3TEST.COM

$

In the credential cache you will have only the service ticket? What happened
to the TGT?

Thanks in Advance.
Srini


*********************************************************************
Disclaimer: The information in this e-mail and any attachments is
confidential / privileged. It is intended solely for the addressee or
addressees. If you are not the addressee indicated in this message, you may
not copy or deliver this message to anyone. In such case, you should destroy
this message and kindly notify the sender by reply email. Please advise
immediately if you or your employer does not consent to Internet email for
messages of this kind.
*********************************************************************



More information about the Kerberos mailing list