keytab wrecks login
Ron Peterson
rpeterso at mtholyoke.edu
Mon Jul 10 21:56:14 EDT 2006
Debian Sarge
MIT Kerberos packages (1.3.6)
I am clearly not understanding something about how kerberos operates.
If I add a principal to a keytab, I can no longer log in with a
password?
...password is working here...
1045# kadmin -p network/admin
Authenticating as principal network/admin with password.
Password for network/admin at MTHOLYOKE.EDU:
...add user to keytab...
kadmin: ktadd -k /var/tmp/test.keytab network/admin
Entry for principal network/admin with kvno 10, encryption type Triple DES cbc mode with HMAC/sha1 added to keytab WRFILE:/var/tmp/test.keytab.
Entry for principal network/admin with kvno 10, encryption type DES cbc mode with CRC-32 added to keytab WRFILE:/var/tmp/test.keytab.
kadmin: quit
...authenticate using password is now broken!... <=============== why???
1047# kadmin -p network/admin
Authenticating as principal network/admin with password.
Password for network/admin at MTHOLYOKE.EDU:
kadmin: Incorrect password while initializing kadmin interface
...authenticate using keytab works...
1046# kadmin -p network/admin at MTHOLYOKE.EDU -t /var/tmp/test.keytab -k /var/tmp/test.keytab
Authenticating as principal network/admin at MTHOLYOKE.EDU with keytab /var/tmp/test.keytab.
kadmin: quit
Any help would be appreciated. TIA.
--
Ron Peterson
Network & Systems Manager
Mount Holyoke College
http://www.mtholyoke.edu/~rpeterso
More information about the Kerberos
mailing list