Solaris 10, secure nfs, permission denied
Jeff Blaine
jblaine at kickflop.net
Thu May 15 13:52:16 EDT 2008
> It looks like maybe you tried to hide some details, but didn't get
> them all? Does your real DNS domain match your REALM name? If not,
> does your krb5.conf (/etc/krb5/krb5.conf) properly map the hosts'
> domain(s) to your realm?
Yes *sigh* :( Everything works properly outside of this
particular krb5 usage. The realm is all set up and working fine
otherwise.
I just wasn't careful enough with my email sanitization.
> BTW, there is no need to limit Solaris 10 hosts to DES-only keys.
> That is a current Linux limitation. As long as your Solaris server
> has a DES key (along with keys for stronger enctypes), the Linux
> client should be able to negotiate the correct DES enctype. Solaris
> 10 servers and clients can handle the stronger encryption types.
Good to know for when I get past this problem. Thanks.
More information about the Kerberos
mailing list