LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page Kerberos question
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 09-01-2008, 02:42 PM   #1
wslyhbb
Member
 
Registered: Apr 2002
Location: Chicago, IL
Distribution: Mandriva 2009.0 PowerPack x86_64
Posts: 150

Rep: Reputation: 15
Kerberos question

I am trying to setup Kerberos on my Mandriva 2008.1 server. I think it is correctly configured but when I get login with telnet I was getting the following error:
Trying 192.168.1.12...
Connected to server01.bluemapletech.com (192.168.1.12).
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: No such file or directory ]
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: No such file or directory ]
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: No such file or directory ]

Negotiation of authentication, which is required for encryption,
has failed. Good-bye.

With some investigation I realized I did not have an /etc/krb5.keytab file, the book never told me to, or how, to create it. So I copied the /etc/kerberos/krb5kdc/kadm5.keytab to /etc/krb5.keytab and it seems to work although it just dumps me out of telnet right away, I cannot use telnet:
Trying 192.168.1.12...
Connected to server01.bluemapletech.com (192.168.1.12).
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Kerberos V5 accepts you as ``whobbie@BLUEMAPLETECH.COM'' ]
done.
Last login: Mon Sep 1 14:13:31 from server01

What am I doing wrong?

Also, I got to thinking that copying the keytab was wrong or at least overkill, I found this command:
kadmin.local -q 'ktadd -k /etc/krb5.keytab host/server01.bluemapletech.com'
I tried creating my /etc/krb5.keytab file this way, but then I get the following error:
Trying 192.168.1.12...
Connected to kerberos.bluemapletech.com (192.168.1.12).
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: Key version number for principal in key table is incorrect ]
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: Key version number for principal in key table is incorrect ]
[ Kerberos V5 refuses authentication because telnetd: krb5_rd_req failed: Key version number for principal in key table is incorrect ]

Negotiation of authentication, which is required for encryption,
has failed. Good-bye.

Again, am I doing something wrong?
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Noobie Kerberos / single signon question. charlweed Linux - Security 2 01-02-2008 10:56 AM
kerberos paul_mat Linux - Networking 0 05-10-2006 12:02 AM
kerberos denning Slackware 1 11-02-2005 07:04 AM
Kerberos Krizzc Slackware 0 10-21-2004 07:10 AM
Kerberos krieger Linux - Security 1 01-29-2002 01:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:01 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration