Richard,
Thanks for the reply. I'm not sure I know what to look for. It's
strange. Using ssh, if I issue a null password, I get the following
message:
$ ssh [EMAIL PROTECTED]
Password:
Enter Kerberos password for chq-brettm:
Kerberos authentication failed: password incorrect
If I give a bogus password I get:
ssh [EMAIL PROTECTED]
Password:
Enter Kerberos password for chq-brettm:
Password:
Enter Kerberos password for chq-brettm:
Password:
Enter Kerberos password for chq-brettm:
Permission denied
(gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).
If I enter the correct password, I get :
$ ssh [EMAIL PROTECTED]
Password:
Enter Kerberos password for chq-brettm:
authentication failed: Decrypt integrity check failed
The ADS server issued a keytab file using the following command:
ktpass -princ host/[EMAIL PROTECTED] -mapuser hostname -pass
hostname -out c:\temp\hostname.host.keytab
As I am not the ADS admin, I have limited visibility there. Is there a
utility(s) I can use on Solaris to monitor Kerberos traffic or do I
need to pick apart snoop(1m) output?
Thanks again,
--Brett
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
