Kerberos problem with AES256-SHA1

Zdravko Talevski zdravcee at gmail.com
Thu Aug 19 04:40:44 EDT 2010 

Hello Kerberos,

first of all,thank You on your quick response to my letter.Second...as you
can read from the message that I'm forwarding you....I probably have some
gcc wrapper problem.I'm not developer,so most of those lines that you wrote
me(I appreciate),but I don't fully understand them.Also I'm a newbee in
Linux.This is a project that was assigned to me by the management of my
company.Don't get me wrong..I'm not asking of you to solve my
problem,....only a simple explanation of the things that I need to focus
on,in order to find my error.I will attach my setup of my Kerberos
authentication mechanism (Kerberos.zip) and the kerbtray report from the
client (kerbtray.zip).Any help is appreciated.Thanks again.

P.S. Sorry for sending my first letter to krb5-bugs at mit.edu:

*"* Hello guys,

this is my first letter that I'm sending to the MIT-Kerberos community.I
have little problem regarding Kerberos implementation in my firm.The problem
is visually explained in my
two attachments.The first one-Kerberos.zip,is explaining my whole virtual
network setup,Kerberos settings,etc.The second one kerbtray.zip is showing
the tickets that my client is receiving.The strangest thing is that the
encryption mechanism doesn't match at the end.As a result from this I cannot
access my webpage located on my Apache server which is on Linux Debian
box.The point of my project was to make SSO for our webserver.Please look at
my screenshots,and if you can come up with some kind of suggestion,please
contact me.Thanks for your time.
*"*

Best regards,
Zdravko.

---------- Forwarded message ----------
From: subashtc <rt-comment at krbdev.mit.edu>
Date: Sat, Aug 14, 2010 at 11:01 AM
Subject: RE: [krbdev.mit.edu #6756] KDC 1.6/1.7/1.8 Installation
To:


Hi Greg,
   Thanks for your support. I think it worked.
   Make test seems to fail probably due to some DNS config missing.

Thanks & Regards,
Subash
Changing the Way We Live, Work, Play and Learn
<part-logs>
make[2]: Entering directory `/root/u1/krb5-1.8.2/src/tests/resolve'
LD_LIBRARY_PATH=`echo -L../../lib | sed -e "s/-L//g" -e "s/ /:/g"`;
export LD_LIBRARY_PATH;   ./resolve
Hostname:  eveready
Host address: 10.64.x.y
FQDN: eveready

Resolve library did not return a fully qualified domain name.

If you are using /etc/hosts before DNS, e.g. "files" is listed first
for "hosts:" in nsswitch.conf, ensure that you have listed the FQDN
as the first name for the local host.

If this does not correct the problem, you may have to reconfigure the
kerberos
distribution to select a different set of libraries using
--with-netlib[=libs]
make[2]: *** [check] Error 3
make[2]: Leaving directory `/root/u1/krb5-1.8.2/src/tests/resolve'
make[1]: *** [check-recurse] Error 1
make[1]: Leaving directory `/root/u1/krb5-1.8.2/src/tests'
make: *** [check-recurse] Error 1
</part-logs>

-----Original Message-----
From: Greg Hudson via RT [mailto:rt-comment at krbdev.mit.edu]
Sent: Thursday, August 12, 2010 11:54 PM
To: Subash Comerica (subashtc)
Subject: [krbdev.mit.edu #6756] KDC 1.6/1.7/1.8 Installation

Please send questions in email to kerberos at mit.edu instead of submitting

them as bug reports.

Your problem is a broken gcc wrapper script on your system, as seen
here:

gcc [...] -DCMD_PATH='"/bin /local/bin"' [...] -c authorization.c
gcc.orig: /local/bin": No such file or directory
[...]

Your gcc wrapper is not correctly quoting arguments when invoking
gcc.orig, so the CMD_PATH definition is being separated into two
arguments.  If you wrote the wrapper yourself and it's a shell script,
use "$@" (with quotes) to pass the arguments on to gcc.orig instead of
$*.

_______________________________________________
krb5-bugs mailing list
krb5-bugs at mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs

More information about the Kerberos mailing list