Daniel Savard wrote:
You missing setting keytab file for coda service in case you already have principal host/<SCM name in capital>@MYCORP.CA which is a principal for coda service. Better is to use "coda" instead of "host" as a primary name because the name may clash with the name of rsh/telnet service. Adding service principal to Kerberos database is done with kadmin and the command addprinc -randkey <principal name> (you will never need its key/password so making it at random is OK). After the principal is added to the Kerberos database you should call kadmin from SCM machine and transfer the service key to local keytab file (/etc/krb5.keytab on SCM). It is done with command ktadd <service principal name>.I am trying to implement Kerberos authentication for Coda. I created a test user in Coda with pdbtool and the same user exists in Kerberos. I checked Kerberos authentication with kinit and it is working fine. While trying to clog I am getting the following messages:
username: [EMAIL PROTECTED] krb5.c: Server not found in Kerberos database while preparing AP_REQ Password for [EMAIL PROTECTED]: krb5.c: Server not found in Kerberos database while preparing AP_REQ Failed to get secret for somehost.mycorp.ca Invalid login (RPC2_FAIL (F)).
MYCORP.CA is the Kerberos realm and somehost.mycorp.ca is the Coda realm.
In my venus.conf I have the following lines:
realm="somehost.mycorp.ca" kerberos5service="host/%s" kerberos5realm=MYCORP.CA kerberos5kinit="kinit"
What am I missing?
TIA
Daniel
I suppose you have MIT Kerberos.
The coda should be working now.
Good luck!
