analysis of krb5kdc.log
Matthew Cocker
matt at cs.auckland.ac.nz
Sun Feb 19 20:02:16 EST 2006
Hi
I have finally started to get around to analysing the krb5kdc.logs from
our production server. Most of it was simple but I can't seem to find a
marker for a failed login with an incorrect password. I see the same log
entry for sucessful or unsuccessful logins using kinit?
failed login
Feb 20 13:33:19 keberos krb5kdc[29389](info): AS_REQ (1 etypes {1})
nnn.nnn.nnn.nnn: ISSUE: authtime 1140395599, etypes {rep=1 tkt=16
ses=1}, username at REALM for krbtgt/REALM at REALM
successful login
Feb 20 13:33:24 kerberos krb5kdc[29389](info): AS_REQ (1 etypes {1})
nnn.nnn.nnn.nnn: ISSUE: authtime 1140395604, etypes {rep=1 tkt=16
ses=1}, username at REALM for krbtgt/REALM at REALM
Is it even possible to tell from the KDC?
Cheers
Matt
More information about the Kerberos
mailing list