Rohit Kumar Mehta <[EMAIL PROTECTED]> writes: > I tried that command and it seems to work:
> nfsv4etch:~# kinit -S host/nfsv4etch.engr.uconn.edu [EMAIL PROTECTED] > Password for [EMAIL PROTECTED]: > nfsv4etch:~# klist > Ticket cache: FILE:/tmp/krb5cc_0 > Default principal: [EMAIL PROTECTED] > Valid starting Expires Service principal > 10/10/06 17:19:07 10/11/06 03:19:12 > host/[EMAIL PROTECTED] > renew until 10/11/06 17:19:07 > Kerberos 4 ticket cache: /tmp/tkt0 > klist: You have no tickets cached Hm, it's very strange that telnet wasn't able to obtain the same credential itself when it tried. > However even with the host credentials, I can't get in: > nfsv4etch:~# telnet -k AD.ENGR.UCONN.EDU -l rohitm nfsv4etch.engr.uconn.edu > Trying 192.168.1.137... > Connected to nfsv4etch.engr.uconn.edu (192.168.1.137). > Escape character is '^]'. > telnetd: Authorization failed. > Connection closed by foreign host. > nfsv4etch:~# ssh [EMAIL PROTECTED] > [EMAIL PROTECTED]'s password: > Permission denied, please try again. > [EMAIL PROTECTED]'s password: > Permission denied, please try again. > [EMAIL PROTECTED]'s password: > Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). I think for ssh you're going to need to run the server with sshd -ddd and see what it says about the GSSAPI exchange to try to figure out why things are going wrong... although if the client isn't even obtaining a host principal, I'm not sure what would be going wrong. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
