KDC doesn't behave pproperly when client is running on other machine ?

Rajeshwar Singh Jenwar rsjenwar at gmail.com
Tue May 2 00:12:03 EDT 2006


Hi Sam,

Thanks for your reply.
I have built KDC from source as per your suggestion but KDC is still
crashing for previous mentioned condition.
Below are some configuration on both machines.
Please tell me if you need more information.
Also tell me for previous mentioned condition where KDC and SMTP server are
running on the same machine (m1.testdomain.com), do i need to transfer the
krb5.keytab file on the other machine (m2.testdomain.com) where GSSAPI based
SMTP client is running  ?


m1.testdomain.com
================
#uname -a, gives
Linux m1.testdomain.com 2.4.18-14 #1 Wed Sep 4 13:35:50 EDT 2002 i686 i686
i386 GNU/Linux
My kerberos version is krb5-1.3.5.
GSSAPI - VERSION
libgssapi_krb5.so.2.2
    /etc/krb5.conf


[libdefaults]
        default_realm           = TESTDOMAIN.COM
[realms]
TESTDOMAIN.COM = {
         kdc                     = 107.108.81.221:88
}
[logging]
        kdc                     = FILE:/var/log/kerberos/krb5kdc.log
        admin_server       = FILE:/var/log/kerberos/kadmin.log
        default                 = FILE:/var/log/kerberos/krb5lib.log

[login]
        krb4_convert            = false
        krb4_get_tickets        = false

  /usr/local/var/krb5kdc/kdc.conf

[kdcdefaults]
    kdc_ports = 88
    kadmind_ports = 749
    v4_mode = nopreauth
[realms]
    TESTDOMAIN.COM = {
        database_name = /usr/local/var/krb5kdc/principal
        admin_keytab = /usr/local/var/krb5kdc/kadm5.keytab
        acl_file = /usr/local/var/krb5kdc/kadm5.acl
        dict_file = /usr/local/var/krb5kdc/kadm5.dict
        key_stash_file = /usr/local/var/krb5kdc/.k5stash
        kdc_ports = 88
        kadmind_port = 749
        max_life = 10h 0m 0s
        max_renewable_life = 7d 0h 0m 0s
        master_key_type = des-cbc-crc
        supported_enctypes = des-cbc-crc:normal des:v4
    }

m2.testdmain.com
==============
#uname -a, gives
Linux m2.testdomain.com 2.6.11-1.1369_FC4 #1 Thu Jun 2 22:55:56 EDT 2005
i686 i686 i386 GNU/Linux
Kerberos version on this machine is krb5-1.4.3
GSSAPI - VERSION
libgssapi_krb5.so.2.2

  /etc/krb5.conf

[libdefaults]
        default_realm = TESTDOMAIN.COM
[realms]
 TESTDOMAIN.COM = {
        kdc = 107.108.81.221:88
        default_domain = testdomain.com

}

[domain_realm]
        testdomain.com = TESTDOMAIN.COM
        .testdomain.com = TESTDOMAIN.COM

[logging]
        default = FILE:/var/log/krb5libs.log
        kdc = FILE:/var/log/krb5kdc.log
        admin_server = FILE:/var/log/kadmind.log

 Thanks a lot for your help.

Regards,
RSJ

On 4/28/06, Sam Hartman <hartmans at mit.edu> wrote:
>
> Your KDC should not crash.  I suggest you report a bug to your OS
> manufacturer.  Alternatively, try building Kerberos from source.  If
> that still crashes, you can work with MIT to report a bug to us.
>
> --Sam
>
>



More information about the Kerberos mailing list