Decrypt integrity check failed
First of all I created a principal name test. It is successfully created
i entered the password for it two times.
at this time the following attributes of test principal has the database
kadmin.local: getprinc test
Principal: [EMAIL PROTECTED]
Expiration date: [never]
Last password change: Mon Jul 07 17:01:30 Gmt 2003
Password expiration date: [none]
Maximum ticket life: 24855 days 03:14:07
Maximum renewable life: 24855 days 03:14:07
Last modified: Mon Jul 07 17:01:30 Gmt 2003 (root/[EMAIL PROTECTED])
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 1
Key: vno 1, DES cbc mode with CRC-32, no salt
Attributes:
Policy: [none]
Then i added the entry for the principal in the keytab file as
kadmin.local: ktadd test
Entry for principal test with kvno 2, encryption type DES-CBC-CRC added to keytab
WRFILE:/etc/krb5/krb5.keytab.
Then the attribute of test principal in the database are as follows
kadmin.local: getprinc test
Principal: [EMAIL PROTECTED]
Expiration date: [never]
Last password change: Mon Jul 07 17:04:24 Gmt 2003
Password expiration date: [none]
Maximum ticket life: 24855 days 03:14:07
Maximum renewable life: 24855 days 03:14:07
Last modified: Mon Jul 07 17:04:24 Gmt 2003 (root/[EMAIL PROTECTED])
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 1
Key: vno 2, DES cbc mode with CRC-32, no salt
Attributes:
Policy: [none]
The enteries in the keytab file shows as follows
klist -k
Keytab name: FILE:/etc/krb5/krb5.keytab
KVNO Principal
---- --------------------------------------------------------------------------
3 host/[EMAIL PROTECTED]
7 root/[EMAIL PROTECTED]
2 [EMAIL PROTECTED]
Now i want to get the ticket of principal test with kinit command.
kinit test
Password for [EMAIL PROTECTED]:
kinit: Password incorrect
i entered the password correctly which i entered the first time.But automatically
password is
changed. i have tried this with two or three principals.
Now if i change the password using kadmin then kVNO is changed and becomes 3
But in the keytable file krb5.keytab its version number is 2 now in the database KVNO
is 3 so here is missmatch of keys number.
If i repeat the step once again and add entery once again in the key tab file
then the keyVNO became same at both places that is 4.
Now if i want to get the credential for the principal test then the again error
message comes that your password is in correct.so this goes same like a loop.
Another solution is that if i change the KVNO using gkadmin programe
the KVNO is successfully changed.
Then my programe gives me the following error message while accepting security context
GSS-API error accepting context: Unspecified GSS failure. Minor code may provide more
information
GSS-API error accepting context: Decrypt integrity check failed
please help me in this regard
Thanks in advance
By Reahan Bahria University (BIMCS) ISlamabad
---------------------------------
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
