Extract Keytab Remotely, Key table entry not found
ms419@freezone.co.uk
ms419 at freezone.co.uk
Thu Apr 15 04:33:32 EDT 2004
Since "kadmin" doesn't support cross realm authentication, I cannot
extract a keytab locally: "Ideally, you should extract each keytab
locally ... If this is not feasible, you should use an encrypted
session to send them across the network." How does one use an encrypted
session to send a keytab across the network?
I've tried extracting a keytab using "kadmin.local", then using "scp"
to send it to the appropriate machine. Unfortunately, I've encounter
errors: "Key table entry not found" I only encounter this error on
machines whose keytabs I haven't locally extracted - I suspect the two
are related?
I verified DNS is OK. I can use "kinit" to obtain a ticket, but "sshd"
won't authenticate using GSSAPI. Apache negotiate authentication is
also broken.
Jack
On Apr 4, 2004, at 5:49 PM, Sam Hartman wrote:
> You cannot use cross realm auth for kadmin.
More information about the Kerberos
mailing list