Andreas Ntaflos <[email protected]> writes: > But doing simple wallet test runs, like these
> daff@auth01 $ wallet -u daff get keytab test > daff@auth01 $ wallet -u daff/admin get keytab test > daff@other01 $ wallet -u daff get keytab test > daff@other01 $ wallet -u daff/admin get keytab test > all make remctld complain about a wrong principal in request, like this: > remctld[29898]: connect from 10.1.7.41 (10.1.7.41) > remctld[29898]: GSS-API error while accepting context: Unspecified GSS > failure. Minor code may provide more information, Wrong principal in > request > ... > remctld[29047]: connect from 10.1.7.11 (10.1.7.11) > remctld[29047]: GSS-API error while accepting context: Unspecified GSS > failure. Minor code may provide more information, Wrong principal in > request When you do a klist after you run wallet, what principal shows up in your local ticket cache? It's not the same principal as is in /etc/krb5.keytab on the remote system. Usually this means that there's something wrong with your DNS resolution. Something isn't matching somewhere. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
