Post-installation rlogin error

Breeze Howard bhowardNOSPAM at acns.fsu.edu
Fri Sep 27 12:20:42 EDT 2002


Peter,

Thanks for your reply.  I have checked the krb5.conf and TEST.ACNS.FSU.EDU
is set as the default_realm and as the domain realm for .acns.fsu.edu...

So, those things seem to be in place correctly.  Here is the complete
krb5.conf.

Thanks,
Breeze

/etc/krb5.conf
-----------------------------------------------
[libdefaults]
        ticket_lifetime = 600
        default_realm = TEST.ACNS.FSU.EDU
        default_tkt_enctypes = des-cbc-crc
        default_tgs_enctypes = des-cbc-crc

[realms]
        TEST.ACNS.FSU.EDU = {
            kdc = citest.acns.fsu.edu:88
            kdc = citest.acns.fsu.edu:750
            admin_server = citest.acns.fsu.edu:749
            default_domain = acns.fsu.edu
        }

[domain_realm]
        .fsu.edu =      TEST.ACNS.FSU.EDU
        fsu.edu =       TEST.ACNS.FSU.EDU
        .acns.fsu.edu = TEST.ACNS.FSU.EDU
        acns.fsu.edu = TEST.ACNS.FSU.EDU

[logging]
        kdc = FILE:/var/log/krb5kdc.log
        admin_server = FILE:/var/log/kadmin.log
        default = FILE:/var/log/krb5lib.log
--------------------------------------------------------------


""Peter J. Bertoncini " <b15013 at achilles.ctd.anl.gov>" <pjb at anl.gov> wrote
in message
> What does your krb5.conf look like?
>
> Is .acns.fsu.edu specified as being in the TEST.ACNS.FSU.EDU realm in the
> domain_realm clause of krb5.conf?
>
> ----------------------------------
>
> >Mailbox-Line: From bhowardNOSPAM at acns.fsu.edu  Fri Sep 27 10:38:10 2002
> >From: "Breeze Howard" <bhowardNOSPAM at acns.fsu.edu>
> >X-Newsgroups: comp.protocols.kerberos
> >Subject: Post-installation rlogin error
> >To: kerberos at mit.edu
> >X-BeenThere: kerberos at mit.edu
> >X-Mailman-Version: 2.0
> >List-Help: <mailto:kerberos-request at mit.edu?subject=help>
> >List-Post: <mailto:kerberos at mit.edu>
> >List-Subscribe: <http://mailman.mit.edu/mailman/listinfo/kerberos>,
> <mailto:kerberos-request at mit.edu?subject=subscribe>
> >List-Id: The Kerberos Authentication System Mailing List
<kerberos.mit.edu>
> >List-Unsubscribe: <http://mailman.mit.edu/mailman/listinfo/kerberos>,
> <mailto:kerberos-request at mit.edu?subject=unsubscribe>
> >List-Archive: <http://mailman.mit.edu/pipermail/kerberos/>
> >Date: Fri, 27 Sep 2002 11:13:55 -0400
> >X-Spam-Status: No, hits=-98.9 required=6.0
> tests=DOUBLE_CAPSWORD,USER_IN_WHITELIST version=2.31
> >
> >I just finished installing krb5-1.2.6 on a Solaris 5.8 machine.
Everything
> >in the installation and database creation seemed to go fine...  However,
I
> >get this error when I try to rlogin into the machine.
> >
> >'citest' is the KDC and my kerberos client in this case.
> >'bhoward' is a valid user on the machine and has a principal in the
> >TEST.ACNS.FSU.EDU realm.
> >Principal host/citest.acns.fsu.edu has also been added to the KDC.
> >All of the kerberos v5 related services are listed in /etc/services and
> >tcpwrapped in /etc/inetd.conf
> >
> >---------------------------------------------------------------------
> >citest# /usr/local/bin/kinit bhoward
> >Password for bhoward at TEST.ACNS.FSU.EDU:
> >citest# /usr/local/bin/rlogin -x -l bhoward citest.acns.fsu.edu
> >error getting credentials: Server not found in Kerberos database
> >Trying krb4 rlogin...
> >krb_sendauth failed: You have no tickets cached
> >---------------------------------------------------------------------
> >There are no errors listed in /var/log/tcpd
> >    Sep 27 09:30:55 citest klogind[13537]: [ID 927837 local1.info]
connect
> >from citest
> >
> >But this error is found in the /var/log/krb5kdc.log
>
>---------------------------------------------------------------------------
-
> >----
> >Sep 27 10:11:42 citest krb5kdc[22017](info): TGS_REQ (1 etypes {1})
> >128.186.6.13(88): UNKNOWN_SERVER: authtime 1033135885,
> >bhoward at TEST.ACNS.FSU.EDU for host/citest at TEST.ACNS.FSU.EDU, Server not
> >found in Kerberos database
>
>---------------------------------------------------------------------------
-
> >----
> >
> >Does anyone have an idea of what I am doing wrong?
> >
> >Thanks in advance,
> >Breeze Howard
> >
> >----------------------
> >Breeze Howard
> >bhoward at acns.fsu.edu
> >(850) 644-2591
> >Academic Computing & Networking Services
> >Florida State University
> >
> >
> >
> >________________________________________________
> >Kerberos mailing list           Kerberos at mit.edu
> >http://mailman.mit.edu/mailman/listinfo/kerberos
> >
>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
>





More information about the Kerberos mailing list