Odd Kermit Kerberos problem
Donn Cave
donn at u.washington.edu
Mon May 20 13:10:25 EDT 2002
Quoth eravin at panix.com (Ed Ravin):
| I encountered a very odd problem with Kermit and Kerberized
| telnet today. I tried to use kermit to connect to a host:
|
| $ kermit -J serverhost
| DNS Lookup... Trying 192.168.1.23... Reverse DNS Lookup... (OK)
| No credentials found with supported encryption types while authorizing (3).
| Authentication failed: No authentication method available
|
| This was odd because I had just Kerberized using /usr/bin/telnet to a
| different host. I tried serverhost with telnet, it Kerberized without
| a problem, then tried Kermit again, and it now could Kerberize without
| a problem.
|
| Environment is NetBSD 1.5.2, with MIT libraries and KDC.
|
| Any idea what might be going on here?
No, and I don't want to. I just want the encryption types
pain to end. But if you can repeat this, you might use
"klist -e" to check up on your credentials before and after
these steps.
On NetBSD, /usr/bin/telnet would normally be Heimdal, not MIT.
These two implementations can use the same krb5.conf, but there
are differences that happen to be related to encryption types.
My MIT krb5.conf has these two lines in [libdefs]:
default_tkt_enctypes = des-cbc-crc
default_tgs_enctypes = des-cbc-crc
and I added these for the Heimdal applications -
default_etypes = des-cbc-crc
default_etypes_des = des-cbc-crc
Donn Cave, donn at u.washington.edu
More information about the Kerberos
mailing list