kpasswd fails on remote, succeeds on local
bogus
bogus at erehwyna.ton
Sun Jun 25 20:24:17 EDT 2006
Greetings, gurus:
Assume the following:
KDC = kdc.bogus.com
kadmind listening on tcp port 749
kadmind listening on udp port 464
krb5kdc listening on udp 88
kdc.conf includes:
[realms]
BOGUS.COM = {
...
kadmind_port = 749
}
krb5.conf includes:
[realms]
BOGUS.COM = {
...
admin_server = kdc.bogus.com:749
kpasswd_server = kdc.bogus.com:749
}
Remote host = bitty.bogus.com
kdc.conf the same as above
I can successfully change a user's password from the console
of 'kdc', but not from the console of 'bitty'. From 'bitty',
I execute:
% kpasswd
Password for <user>@BOGUS.COM: (good so far)
Enter new password: :
Enter it again: : (long wait)
kpasswd: Connection timed out changing password
The KDC is issuing a changepw ticket, as seen by the logs on
'kdc', but the transaction is never completed. I get the same
failure whether I attempt the password change as <user> or
<root/admin>. Firewalls are not the issue, and I get the same
results from all remote hosts. The logs on 'kdc' show no
reason for the failure.
Any clues?
More information about the Kerberos
mailing list