gss-client error

lizhong Wed, 23 Aug 2006 02:19:44 -0700

Hi all,
    I am using gss-client to connect to my gss-server.I have 3 linux machines 
,machine A is running kdc,machine B is running gss-server,and machine C is 
running gss-client.
    I have created test/[EMAIL PROTECTED] for gss-server.And I started 
gss-server on machine B with cmd:
[EMAIL PROTECTED] gss-sample]# ./gss-server -port 8888 test
    Then I started gss-client on machine C with cmd:
[EMAIL PROTECTED] ./gss-client -port 8888 gcnode029.cap test "halo"
    The gcnode029.cap is the DNS name of machine B.
    But I got the error message below:
    On machine B running gss-server:
GSS-API error accepting context: Unspecified GSS failure.  Minor code may 
provide more information
GSS-API error accepting context: Wrong principal in request
    On machine C running gss-client:
Sending init_sec_context token (size=475)...continue needed...reading token 
flags: 0 bytes read


    But if I run gss-client on machine B, together with gss-server, everything 
runs well.It seems as if the machine C need the right principal to connect the 
machine B. OK, I tried to use klist to show the principals and keytab files on 
both machine, and found nothing different:
    On machine B:
[EMAIL PROTECTED] gss-sample]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin/[EMAIL PROTECTED]

Valid starting     Expires            Service principal
08/23/06 11:10:21  08/23/06 21:10:21  krbtgt/[EMAIL PROTECTED]
        renew until 08/24/06 11:10:20
08/23/06 15:49:20  08/23/06 21:10:21  test/[EMAIL PROTECTED]
        renew until 08/24/06 11:10:20


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
[EMAIL PROTECTED] gss-sample]# klist -k
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
---- --------------------------------------------------------------------------
   5 test/[EMAIL PROTECTED]

    On machine C:
[EMAIL PROTECTED] gss-sample]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin/[EMAIL PROTECTED]

Valid starting     Expires            Service principal
08/23/06 16:44:33  08/24/06 02:44:33  krbtgt/[EMAIL PROTECTED]
        renew until 08/24/06 16:44:34
08/23/06 16:44:51  08/24/06 02:44:33  test/[EMAIL PROTECTED]
        renew until 08/24/06 16:44:34


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
[EMAIL PROTECTED] gss-sample]# klist -k
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
---- --------------------------------------------------------------------------
   6 test/[EMAIL PROTECTED]

    So I can not find what caused the error of wrong principal in request. Any 
help is appreciated!

________________________________________________
Kerberos mailing list           [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos

gss-client error

Reply via email to