I've put a kerberos principle into a keytab: # klist -k asterisk.keytab Keytab name: FILE:asterisk.keytab KVNO Principal ---- -------------------------------------------------------------------------- 8 aster...@example.com
using: # ipa-getkeytab -s server.example.com -p asterisk -k /tmp/asterisk-krb5.keytab -e aes256-cts But when I try to use that keytab I get an error: # kinit -k -t /etc/asterisk/asterisk.keytab imap/linux.example....@example.com kinit: Generic preauthentication failure while getting initial credentials On the server I get the following error: Sep 23 19:30:39 server.example.com krb5kdc[28970](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) xxxxxx: NEEDED_PREAUTH: imap/linux.example....@example.com for krbtgt/example....@example.com, Additional pre-authentication required Any idea what is going on here? Cheers, b.
signature.asc
Description: This is a digitally signed message part
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project