On Thu, 7 Nov 2002, Allister Maguire wrote:
Hello,
This is what you need in radius.conf:
Thanks Allister! I added the bits you mentioned in radiusd.conf and it
made things happen differently. Unfortunately it's still not working, but
we're getting closer :)
After including the relevent
On Thu, Nov 07, 2002 at 11:47:03AM -0500, Brian Johnson wrote:
auth: type Kerberos
modcall: entering group authenticate
rlm_krb5: krb5 server princ name: hythloth.netcom.duke.edu
rlm_krb5: verify_krb_v5_tgt: host key not found : No such file or
directory
So I'm now no longer seeing a
On Thu, 7 Nov 2002, Steve Langasek wrote:
The Kerberos module was recently fixed to require a Kerberos host
principal on the RADIUS server to ensure that responses from the KDC are
properly verified. It seems freeradius is not finding your host key.
You say that you have /etc/krb* files in
Headed down to the court house right now to get it legally changed...any
suggestions before I go? ;)
On Thu, 7 Nov 2002, Brian Johnson wrote:
STOP USING MY NAME! ;)
JK
Brian J.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
] On Behalf Of
Brian Johnson
Sent: Thursday, November 07, 2002 2:21 PM
To: [EMAIL PROTECTED]
Subject: RE: more Kerberos fun
Headed down to the court house right now to get it legally
changed...any
suggestions before I go? ;)
On Thu, 7 Nov 2002, Brian Johnson wrote:
STOP USING MY
On Tue, 5 Nov 2002, Alan DeKok wrote:
So run the server in debugging mode, as it suggests in the README,
the documention, and in the FAQ.
I'll start here with an apology to the list. This was inexcusable on my
part. Thanks for going easy.
Here's the debugging info as requested. In my
Brian Johnson [EMAIL PROTECTED] wrote:
Here's the debugging info as requested. In my users file, I added:
DEFAULT Auth-Type = Kerberos
Reply-Message = Hello, Brian
Try 'Auth-Type := Kerberos', I think.
modcall[authorize]: module files returns notfound
modcall: group authorize
On Wed, 6 Nov 2002, Alan DeKok wrote:
Brian Johnson [EMAIL PROTECTED] wrote:
Here's the debugging info as requested. In my users file, I added:
DEFAULT Auth-Type = Kerberos
Reply-Message = Hello, Brian
Try 'Auth-Type := Kerberos', I think.
Ah, it does make a
Brian Johnson [EMAIL PROTECTED] wrote:
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Kerberos
auth: type Kerberos
auth: Failed to validate the user.
Yup. The kerberos module returns helpful debugging messages,
doesn't it?
As always, I'm happy to provide any
On Wed, 6 Nov 2002, Alan DeKok wrote:
Brian Johnson [EMAIL PROTECTED] wrote:
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Kerberos
auth: type Kerberos
auth: Failed to validate the user.
Yup. The kerberos module returns helpful debugging messages,
Hello,
This is what you need in radius.conf:
You need to add a empty krb5 to the module section. (It takes no
parameters).
modules {
krb5 {
}
}
And then add krb5 to auth section:
authenticate {
krb5
}
This part is correct:
Auth-Type := Kerberos
Regards
On Thu, 7 Nov 2002, Allister Maguire wrote:
Hello,
This is what you need in radius.conf:
You need to add a empty krb5 to the module section. (It takes no
parameters).
modules {
krb5 {
}
Wow, it looks like I was closer than I thought with my guess. I look
Hello again,
Thanks again to the folks who helped me get kerberos compiled in my
freeradius. Unfortunately, the fun didn't stop there...
I've been trying to find some information on how I need to configure the
server to authenticate with kerberos. I found a few others asking the
question, and
Brian Johnson [EMAIL PROTECTED] wrote:
So, in my /usr/local/etc/raddb/users file, I have:
DEFAULT Auth-Type = Kerberos
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Routing = Broadcast-Listen,
Framed-MTU = 1500,
Framed-Compression =
14 matches
Mail list logo