CANT_FIND_CLIENT_KEY
Russ Allbery
rra at stanford.edu
Tue Mar 30 18:07:08 EDT 2010
Matt Zagrabelny <mzagrabe at d.umn.edu> writes:
> On Tue, 2010-03-30 at 14:46 -0700, Russ Allbery wrote:
>> You need it on the client in addition to the server.
> Good to know. :)
> Unfortunately, the client is a Cisco Catalyst 3750. :/
> workstation% telnet.netkit switch3750
> Trying 10.25.1.14...
> 'autologin': unknown argument ('toggle ?' for help).
> Connected to switch3750.d.umn.edu.
> Escape character is '^]'.
Then that's probably not the problem. The Cisco box almost certainly
hasn't disabled DES (it's probably the only enctype that it supports).
Please show the getprinc output for your krbtgt/* key and the user
principal that you're using. I bet one or the other of them has no DES
key.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list