On Thu, 27 May 2010 19:13:47 +0200
Thomas Sailer <t.sai...@alumni.ethz.ch> wrote:

> On Thu, 2010-05-27 at 12:27 -0400, Simo Sorce wrote:
> > Try adding allow_weak_crypto = true to your krb5.conf or
> > alternatively rekey your NFS credentials to add RC4/AES keys
> > (rekeying works only if both client and server kernels supporting
> > anything but DES, I think F13's kernels should have those patches
> > now, but old kernels support only DES).
> Thanks for the hint! Unfortunately, it does not help. I've put
> allow_weak_crypto=true in the libdefaults section, but I still get
> permission denied when trying to access the mount directory as
> non-root.
> However, I got my rawhide machine connecting to the IPA server that
> way :)
> I think allow_weak_crypto is only necessary for krb5 1.8 and later,
> while F13 still has 1.7.

Oh right,
then I guess you need to look into syslog to see if you can find any
other hint.

does the gssd daemon log anything ?


Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to