Kerberos question
I am trying to setup Kerberos on my Mandriva 2008.1 server. I think it is correctly configured but when I get login with telnet I was getting the following error:
Trying 192.168.1.12...
Connected to server01.bluemapletech.com (192.168.1.12).
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: No such file or directory ]
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: No such file or directory ]
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: No such file or directory ]
Negotiation of authentication, which is required for encryption,
has failed. Good-bye.
With some investigation I realized I did not have an /etc/krb5.keytab file, the book never told me to, or how, to create it. So I copied the /etc/kerberos/krb5kdc/kadm5.keytab to /etc/krb5.keytab and it seems to work although it just dumps me out of telnet right away, I cannot use telnet:
Trying 192.168.1.12...
Connected to server01.bluemapletech.com (192.168.1.12).
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Kerberos V5 accepts you as ``whobbie@BLUEMAPLETECH.COM'' ]
done.
Last login: Mon Sep 1 14:13:31 from server01
What am I doing wrong?
Also, I got to thinking that copying the keytab was wrong or at least overkill, I found this command:
kadmin.local -q 'ktadd -k /etc/krb5.keytab host/server01.bluemapletech.com'
I tried creating my /etc/krb5.keytab file this way, but then I get the following error:
Trying 192.168.1.12...
Connected to kerberos.bluemapletech.com (192.168.1.12).
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: Key version number for principal in key table is incorrect ]
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: Key version number for principal in key table is incorrect ]
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: Key version number for principal in key table is incorrect ]
Negotiation of authentication, which is required for encryption,
has failed. Good-bye.
Again, am I doing something wrong?
|