I've put a kerberos principle into a keytab: # klist -k asterisk.keytab Keytab name: FILE:asterisk.keytab KVNO Principal ---- -------------------------------------------------------------------------- 8 aster...@example.com
using:
# ipa-getkeytab -s server.example.com -p asterisk -k /tmp/asterisk-krb5.keytab
-e aes256-cts
But when I try to use that keytab I get an error:
# kinit -k -t /etc/asterisk/asterisk.keytab imap/linux.example....@example.com
kinit: Generic preauthentication failure while getting initial credentials
On the server I get the following error:
Sep 23 19:30:39 server.example.com krb5kdc[28970](info): AS_REQ (7 etypes {18
17 16 23 1 3 2}) xxxxxx: NEEDED_PREAUTH: imap/linux.example....@example.com for
krbtgt/example....@example.com, Additional pre-authentication required
Any idea what is going on here?
Cheers,
b.
signature.asc
Description: This is a digitally signed message part
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
