problem with nfs4 with kerberos

Aruna Lakmal arunaucsc at gmail.com
Wed Apr 26 23:09:42 EDT 2006 

thanks..now it's ok..
i've set keytabs as follow..
Client...
[root at main ~]# klist -k
Keytab name: FILE:/tmp/keytab
KVNO Principal
----
--------------------------------------------------------------------------
   3 nfs/192.168.5.41 at KRB.MNETPLUS.COM
   3 nfs/main.mnetplus.lk at KRB.MNETPLUS.COM
Server..
[root at krb ~]# klist -k
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
   4 host/krb.mnetplus.com at KRB.MNETPLUS.COM
   4 host/192.168.5.66 at KRB.MNETPLUS.COM
   3 ftp/krb.mnetplus.com at KRB.MNETPLUS.COM
   3 nfs/krb.mnetplus.com at KRB.MNETPLUS.COM

after this..i tried follow on client..
mount -t nfs4 -o sec=krb5 192.168.5.66:/media/ /mnt/
this gives following error message..
Warning: rpc.gssd appears not to be running.
mount to NFS server '192.168.5.66' failed.

but i have started the gssd server on nfs server computer..
[root at krb ~]# ps -aux |grep gss
root      2207  0.0  0.2  2336 1032 ?        Ss   07:16   0:00 rpc.gssd -m

so what is the reason for this..
plase help me..

On 4/27/06, Kevin Coffman <kwc at citi.umich.edu> wrote:
>
> On 4/26/06, Aruna Lakmal <arunaucsc at gmail.com> wrote:
> > Hey guys...
> > I use RHEL4 linux version..
> > I configure my nfs server for work with kerberos as in this web site..
> >
> > http://www.citi.umich.edu/projects/nfsv4/linux/krb5-setup.html
> >
> > after that when i try to run command "mount -t nfs4 -o sec=krb5
> > 192.168.5.66:/media/ /mnt/"
> > it this give this message.. "mount: can't get address for
> main.mnetplus.lk"
> >
> > whats is the reason for that..
>
> I'm assuming the reverse DNS lookup of 192.168.5.66 resolves to the
> name main.mnetplus.lk, but a forward lookup of that name apparently
> fails.
>
> The Kerberos code will assume that the principal for the NFS server is
> "nfs/main.mnetplus.lk@<REALM>".  What is the name of the principal
> that you created and added a keytab entry for?
>
> This discussion may be more appropriate on the nfs4 mailing list:
> nfsv4 at linux-nfs.org
>
> K.C.
>

More information about the Kerberos mailing list