kwc at citi.umich.edu
Mon Oct 15 10:11:29 EDT 2007
On 10/13/07, Roberto C. Sánchez <roberto at connexer.com> wrote:
> I have encoutered some weirness with machine credentials (I think).
> Maybe someone can explain what is happenning.
> Here is my configuration:
> server1: exports user home directories via NFS using gss/krb5p
> server2: is the KDC and mounts the home directories as a client
> server3: just mounts the user home directories as a client
> Now, if server1 or server3 reboots, there is no problem. However, if
> server2 reboots, I must run kadmin on server1, remove the nfs/server1
> key from the local keytab and add it back in. Then I must restart the
> NFS service. After that server2 and server3 can again mount the home
> Why is this. Is it because server2 is the KDC. But why would server2's
> reboot necessitate regenerating the nfs/server1 key on server1?
This sounds very strange. server2 is not storing the kerberos
database in NFS is it?
I'm assuming these are all Linux machines. If so, contact me off-list
with exact error messages that you encounter after rebooting server2.
More information about the Kerberos