mac heimmal / MIT server problem with 2FA
Charles Hedrick
hedrick at rutgers.edu
Wed Sep 26 11:43:16 EDT 2018
Client: Mac Mojave
Server: IPA newest version
Command: /usr/bin/kinit --fast-armor-cache=FILE:/tmp/krb5cc_1003 hedrick
with KRB5_TRACE set, shows it is sending UDP packets to the server but getting no response.
tcpdump shows the packets, but there is no entry for the transaction in /var/log/krb5kdc.log
changing to tcp has no effect. tcpdump shows a connection is established, but krb5kdc.log doesn’t show it. The client says
failed to get nbytes from socket, no bytes there?: tcp 128.6.4.10:88 (krb2.cs.rutgers.edu) tid: 00000002
tcpdump shows the client opened a connection and sent 972 bytes. The server closed the connection.
An MIT Kerberos client installed through Macports works fine.
More information about the Kerberos
mailing list