Decrypt integrity check failed
jonr@destar.net
jonr at destar.net
Mon Jul 10 20:29:50 EDT 2006
Quoting "Richard E. Silverman" <res at qoxp.net>:
> >>>>> "jonr" == jonr <jonr at destar.net> writes:
>
> jonr> I have a slave kdc and am trying to get the master to kprop the
> jonr> db to the slave. I continually get this error: kprop: Decrypt
> jonr> integrity check failed while getting initial ticket
>
>
> >> From what I have read it is a wrong password for one of the hosts
> >> in the
> jonr> database.
>
> No; the problem here is probably the key of the master kdc's host
> principal, on the slave. The slave uses it to authenticate the peer and
> compare to kpropd.conf, which lists the hosts allowed to update the
> slave's copy of the KDB.
Thanks for the help Richard, I have been slowly slipping into madness trying to
grasp kerberos. The file that the slave looks in to validate is the
kadm5.keytab file, is that correct? I have tried scp'ing this file to my slave
thinking that would have the correct permissions, this did not work, same
error.
How do I fix this error? If you just have a document or a link that would
explain how to recover from such an error, I will do all the reading to figure
it out for myself. But I have not found anything that tells me how to fix this
error in a way that I understand.
Thanks again for the help,
Jon
More information about the Kerberos
mailing list