[Gllug] Kerberos Oddity
Steve Nelson
sanelson at gmail.com
Tue Sep 20 09:46:17 UTC 2005
Hello Chums,
Peculiar behaviour when trying to use kerberised rlogin to access a new machine.
On the new machine I've created a keytab as usual:
kadmin -p me/admin
ank -randkey host/$hostname[s]
xst -k /etc/krb5.keytab host/$hostname[s]
chown root krb5.keytab && chmod 400 krb5.keytab
Now I have:
# ls -l /etc/krb5.keytab
-r-------- 1 root root 135 Sep 20 10:14 /etc/krb5.keytab
strings on the keytab reveals the hostnames as expected and the realms
I expect them to belong to.
Now, from another machine, with a new kerb ticket:
# rlogin -x -l root foo.machine.bar
Couldn't authenticate to server: Server rejected authentication
(during sendauth exchange)
Server returned error code 60 (Generic error (see e-text))
Error text sent from server: Key table entry not found
Most puzzled!
I've not done anything particularly different on this occasion...
No messages in auth.log or messages.
# uname -a
Linux c0n1-bundles.com 2.4.21-32.0.1.ELsmp #1 SMP Tue May 17 17:52:23
EDT 2005 i686 i686 i386 GNU/Linux
# cat /etc/redhat-release
Red Hat Enterprise Linux AS release 3 (Taroon Update 5)
I'm stuck! Any ideas?
S.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list