Problem with db master password migrating kerberos server to new machine

Rainer Krienke krienke at uni-koblenz.de
Tue Feb 7 03:17:26 EST 2017


Hello,

I run a linux machine A with SuSE SLES11SP4 with a working kerberos
server (version 1.6.3) and want to migrate this server to a new linux
SLES12SP2 machine B where the kerberos installation  (version 1.12.5) is
a little more recent.

I tried to tar the whole stuff in /var/lib/kerberos/krb5kdc on machine A
and then extract it on machine B. Part of this tar is also the stash
file. /etc/krb5.conf is identical on both machines

Afterwards I am able to run kamin.local and can eg list all the
principals. However I am unable to login using kamin.local -m  using my
database master password which works on server A. I see the following
error message if I try on machine B:

kadmin.local: Unable to decrypt latest master key with the provided
master key  while initializing kadmin.local interface

Does anyone know why it could not be working, or what I have to do to
get it working again? I do not understand this at the moment. What else
aside from the original db password and the principals could this login
depend on?

Thanks a lot for any help
Rainer
-- 
Rainer Krienke, Uni Koblenz, Rechenzentrum, A22, Universitaetsstrasse 1
56070 Koblenz, Tel: +49261287 1312 Fax +49261287 100 1312
Web: http://userpages.uni-koblenz.de/~krienke
PGP: http://userpages.uni-koblenz.de/~krienke/mypgp.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5109 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20170207/60d00d3f/attachment.bin


More information about the Kerberos mailing list