Derek Warren <[email protected]> writes: > Given a working Kerberos environment where I can kinit -k HOST$ and add > a service principal:
> 1) What is a Kerberos context? A Kerberos context is an internal data structure that's required for all other operations in the standard Kerberos API. Creating a new Kerberos context is the first step in any software that uses the Kerberos API directly. > 2) Why would rpc.gssd on the client be unsuccessful in creating a > Kerberos context? This depends on whether they're using the term in the standard Kerberos API way, or whether they mean something different by it. If the reported error message refers to the API construct called the Kerberos context, the message would mean that krb5_init_context() failed. Very few things can cause this to fail. The most common is that the krb5.conf file used for this program is either corrupt or unreadable. However, it could mean that they mean something more generic by this error message, such as "authentication failed" or "couldn't find your ticket cache" or "couldn't obtain service tickets." My guess is that it's just a sloppy error message and means "something related to Kerberos that we were trying to do didn't work." -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
