Hi, I am a bit lost and tired on this issue I'm having. I was able to setup kerberos with nfs on multiple servers all running Debian wheezy with kernel version 3.2.0-4-amd64. But, one server (actually the one I want the nfs exports to reside on) which is running a RHEL kernel 2.6.32-29-pve I'm having problems mounting its exports.
It took me some time to figure out where the problem is happening, I've now tracked down where what the issue is. Here is the log messages for rpc.svcgssd. *svcgssd_limit_krb5_enctypes: Calling gss_set_allowable_enctypes with 7 enctypes from the kernel* *WARNING: gss_accept_sec_context failed* *ERROR: GSS-API: error in handle_nullreq: gss_accept_sec_context(): GSS_S_FAILURE (Unspecified GSS failure. Minor code may provide more information) - Invalid argument* *sending null reply* *writing message: \x \x6082028406092a864886f71201020201006e8202733082026fa003020105a10302010ea20703050020000000a38201726182016e3082016aa003020105a10e1b0c4d4f4e474f5042582e4e4554a2263024a003020103a11d301b1b036e66731b146d666c2d7673312e6d6f6e676f7062782e6e6574a382012930820125a003020112a103020105a28201170482011390df922f6a3f13cc1d4e7b6009b5ce1e721f69a3c1614cd8a5658fedb56af849f10e1f7da68e38ee8b052d5071ce843f46e75c5201cc532ded197e6015741c83ae9fa5d4718b32b1138fc56961a708afd26132069329774d810c23ab12578619a88cd38f5daa04ffaa70ab47c3055f6728b21b6d8ea617df0610b4e78ae2238e96d95e72de9898c42d65f039a2e57090c3fb752b800a1fbd384996be02825a1658bac60343054ec5a235e2786e47b35b62c8abf7cabede9d3e25b759886d19ad9bc89a7491e21ea6100527f985eb893df8a1dcab197e27080a3613cd5c34f55f30eccf40d90e70450d83dbc1a374965d5eb24778e44d2a5f1efd5d796ce6869928c79125ef95cee2d9e92753597b4bf28947a9a481e33081e0a003020112a281d80481d598f3043ec9c62eef9a3d14936db04f9d02b646b81867f5daf70efde3280042e3ff525b514f6e90dede10e650c3f037f10d517687cd2881d46ec2d! 0d2f8930ec3fc1a0455d83a668a297d196572cc644787750e9f4bdf9b77d96510150618d7d9633f64614b12913d50cc52a75073d2327b015bbf44e97b81e32d31571d2cd636c170ae5d3e15b5d8b6c4c4c886e2482eb95b821f1b02c0fb6c1ab34f2a9ee19e19db568531da4eb4286526a374b07eb1915665aba93839206a7d82e0ef374da34e042424e1bd99fca55c2049df1a680f1c6fae3a3f 1434954497 851968 22 \x \x * *finished handling null request* *entering poll* The error messages are not much descriptive, and for someone not very familiar with all this it gives no clue what the problem is. So I modified the source code to add some printf stmts to print the values for all possibly returned macros, which is gss_s_call_inaccessible_read = 16777216 gss_s_call_inaccessible_write = 33554432 gss_s_call_bad_structure = 50331648 gss_s_bad_mech = 65536 gss_s_bad_name = 131072 gss_s_bad_nametype = 196608 gss_s_bad_bindings = 262144 gss_s_bad_status = 327680 gss_s_bad_sig = 393216 gss_s_no_cred = 458752 gss_s_no_context = 524288 gss_s_defective_token = 589824 gss_s_defective_credential= 655360 gss_s_credentials_expired = 720896 gss_s_context_expired = 786432 gss_s_failure = 851968 gss_s_bad_qop = 917504 gss_s_unauthorized = 983040 gss_s_unavailable = 1048576 gss_s_duplicate_element = 1114112 gss_s_name_not_mn = 1179648 and found that *gss_accept_sec_context* returned *GSS_S_BAD_QOP*. So what I am looking for help is what may cause this to happen on Linux 2.6.x? does this make sense at all? or probably something else? Thank You. -- Aron Podrigal - //Be happy :-) ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos