Does anyone know how to get ftp working on Kerberos V5. I can connect to the ftp server but I fail to authenticate. I keep getting an error message that "No principal in keytab matches desired name". But my keytab file appears correct. In fact, telnet and rsh are working. The only thing that doesn't work is ftp. I have tried removing the ftp entry from my keytab file (supposedly some versions of kerberos will not work with ftp/host; only host/host) and I connect using the FQDN (also heard ftp is qwerky about FQDNs) but I get exactly the same problems. I have tried everything and poured over all the docs I could get my hands on to no avail. I suspect it's something stupid I am overlooking or maybe there's some obscure work around. Anyway, my boss really wants this implemented and I am stumped. Anyone out there got any ideas? ANY HELP WILL BE GREATLY APPRECIATED!
I PASTED THE ERROR AND MY KEYTAB FILE BELOW: [EMAIL PROTECTED] /usr/kerberos/krb5-1.2.8/src/appl/gssftp/ftp/ftp emssyb1.xx.xx.xx Connected to emssyb1.toplfo.fpl.com. 220 emssyb1 FTP server (Version 5.60) ready. 334 Using authentication type GSSAPI; ADAT must follow GSSAPI accepted as authentication type GSSAPI error major: Miscellaneous failure GSSAPI error minor: No principal in keytab matches desired name GSSAPI error: acquiring credentials GSSAPI ADAT failed GSSAPI authentication failed emssyb1:/>/usr/kerberos/krb5-1.2.8/src/clients/klist/klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 3 ftp/[EMAIL PROTECTED] 3 ftp/[EMAIL PROTECTED] 3 host/[EMAIL PROTECTED] 3 host/[EMAIL PROTECTED] 3 telnet/[EMAIL PROTECTED] 3 telnet/[EMAIL PROTECTED] ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
