On Jun 19, 2009, at 5:17 AM, Remi Ferrand wrote:
However I still have the same error when an ssh connection is tried :
(from AFS AIX client machine)
Jun 19 11:09:59 ccdvrs03 auth|security:debug sshd[385070]: LAM aklog
loaded: uid 0 pag -1
Jun 19 11:09:59 ccdvrs03 auth|security:debug sshd[385070]: LAM aklog
starting: user testkrb5 uid 0
Jun 19 11:09:59 ccdvrs03 auth|security:err|error sshd[385070]: LAM
aklog: get_credv5 returns -1765328352
Jun 19 11:09:59 ccdvrs03 auth|security:info sshd[385070]: Failed
password for USERTEST from 134.158.71.108 port 48307 ssh2
Jun 19 11:09:59 ccdvrs03 auth|security:info syslog: ssh: failed login
attempt for USERTEST from YYYY.YYYYY.fr
(From my KDCs logs)
Jun 19 11:14:29 cckrb01.in2p3.fr krb5kdc[26295](info): TGS_REQ (1
etypes
{1}) 134.158.105.107: PROCESS_TGS: authtime 0, <unknown client> for
afs/[email protected], Ticket expired
Jun 19 11:14:29 cckrb01.in2p3.fr krb5kdc[26295](info): TGS_REQ (1
etypes
{1}) 134.158.105.107: PROCESS_TGS: authtime 0, <unknown client> for
afs/[email protected], Ticket expired
If those are the matching log entries, I'd suggest checking the clock
on both machines.. 11:09:59 vs 11:14:29 is enough of a time difference
to cause issues.
If I set my clock to be 4m 30s behind, I get 'ticket expired' versus
'clock skew too great'.
--
Mike Garrison
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
