SSH issue

Marcel Koopmans marcel.koopmans at elysium-os.nl
Tue Jan 17 13:24:26 EST 2006 

Hello Klaas,

hephaestus runs MacOSX 10.4.4 so the /etc/krb5.conf file is named 
/Library/Preferences/edu.mit.Kerberos but it looks ok

[libdefaults]
  default_realm = HOME.ELYSIUM-OS.NL

[realms]
  HOME.ELYSIUM-OS.NL = {
    kdc = zeus.home.elysium-os.nl:88
    admin_server = zeus.home.elysium-os.nl:749
    default_domain = home.elysium-os.nl
  }

[domain_realm]
  home.elysium-os.nl = HOME.ELYSIUM-OS.NL
  .home.elysium-os.nl = HOME.ELYSIUM-OS.NL


On zeus /etc/krb5.conf also looks ok


[libdefaults]
  default_realm = HOME.ELYSIUM-OS.NL

[realms]
  HOME.ELYSIUM-OS.NL = {
    kdc = kerberos.home.elysium-os.nl:88
    admin_server = kerberos.home.elysium-os.nl:749
    default_domain = home.elysium-os.nl
  }

[domain_realm]
  home.elysium-os.nl = HOME.ELYSIUM-OS.NL
  .home.elysium-os.nl = HOME.ELYSIUM-OS.NL

[logging]
  kdc = FILE:/var/log/kerberos.log
  admin_server = FILE:/var/log/kerberos.log
  default = FILE:/var/log/kerberos.log


In the logfile og the KDC it shows


Jan 17 19:16:48 zeus krb5kdc[2170](info): TGS_REQ (7 etypes {18 17 16 23 
1 3 2}) 172.20.1.5: UNKNOWN_SERVER: authtime 1137492150,  
marcel at HOME.ELYSIUM-OS.NL for krbtgt/ELYSIUM-OS.NL at HOME.ELYSIUM-OS.NL, 
Server not found in Kerberos database


I do not get a ticket for zeus.
If server zeus is unknown that why does it work just fine from hades??
If there is something wrong on hephaestus whay does ssh to hades work??

with kind regards,
    Marcel



Klaas Hagemann wrote:
> Hi marcel,
>
> check the domain-realm mapping in /etc/krb5.conf, maybe something there 
> is wrong.
> then you can monitor krb5kdc.log while trying to access zeus and see 
> whats going on.
>
> does principal marcel gets a service ticket for zeus?
>
> - Klaas
>
> Marcel Koopmans schrieb:
>
>   
>> Hello everybody,
>>
>> I have a issue with ssh to another computer
>> I use 3 computers,
>>
>> 1 zeus, the KDC that has sshd running
>> 2 hades,  server that has sshd running
>> 3 hephaestus,  a workstation, no sshd.
>>
>> On hephaestus principal marcel gets its TGT.
>> ssh to hades works just fine, no password is required.
>> ssh to zeus fails, in the debug data from ssh I find "Server not found 
>> in Kerberos database".
>> but...
>> login on hades and ssh to zeus does work fine.
>> also login on hephaestus ssh to hades and then ssh to zeus works fine.
>>
>> any ideas??
>>
>> with kind regards,
>>    Marcel
>>
>> ------------------------------------------------------------------------
>>
>> ________________________________________________
>> Kerberos mailing list           Kerberos at mit.edu
>> https://mailman.mit.edu/mailman/listinfo/kerberos
>>  
>>
>>     
>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
> .
>
>

More information about the Kerberos mailing list