Kerberos and JAAS tutorial

Julio Garcia pastaza at
Fri Feb 14 15:54:31 EST 2003


I am using krb5-1.2.7. I am completely new to kerberos. I searched for the 
error that I am getting before trying this. I'm sorry if this is dumb 
question with an obvious answer.

I am attempting to learn the Java GSS API. I have installed kerberos to 
experiment and tried a few simple things (kinit mostly) and things seemed to 
be working OK.

My initial krb5.conf and kdc.conf files specified des3-hmac-sha1 and 
des-cbs-crc encryption types, but this seemed to make the java GSS unhapy. I 
shut down krb5kdc and kadmind (kill <pids>), got rid of the des3-hmac-sha 
and attempted to restart the daemons. the restart of krb5kdc failed with 
this error:

krb5kdc: cannot initialize realm <my realm>

This was not too surprising I thought, so I decided to delete my 
configuration and database and just rebuild it. No big deal. To do so, I 
first deleted all the files in .../var/krdb5kdc except for kadm5.acl (which 
just has one admin entry) and kdc.conf. I then executed the following:

kdb5_util create -r <my realm> -s

It asked for the master key and verification. After I entered this, I got 
the following error:

kdb5_util: No matching key in entry while initializing the kerberos context

It looks like I need to clean up other droppings? How can I reconstruct my 
kerberos environment?


Julio Garcia
Agilent Technologies, Inc.

MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.

More information about the Kerberos mailing list