have never been worked with krb5 in postgresql? On 10/12/09, rahimeh khodadadi <[email protected]> wrote: > nobody could help me? > > On Sun, Oct 11, 2009 at 5:06 PM, rahimeh khodadadi < > [email protected]> wrote: > >> Hi, >> >> after compling the postgresql --with-krb5 and setting up the krb5-server >> in centos, I configured the *postgresql.conf* as bellow: >> >> *krb_server_keyfile = '/var/kerberos/krb5kdc/kadm5.keytab'* >> *krb_srvname = 'POSTGRES' * # (Kerberos only) >> #krb_caseins_users = off >> >> and >> >> my *pg_hba.conf* is : >> >> # "local" is for Unix domain socket connections only >> local all postgres trust >> # IPv4 local connections: >> host all *frank* 0.0.0.0/0 krb5 >> #host all all 127.0.0.1/32 trust >> # IPv6 local connections: >> host all all ::1/128 trust >> >> >> ,and kdc.conf >> >> kdcdefaults] >> v4_mode = nopreauth >> kdc_tcp_ports = 88 >> >> [realms] >> EXAMPLE.COM = { >> #master_key_type = des3-hmac-sha1 >> * acl_file = /var/kerberos/krb5kdc/kadm5.acl* >> dict_file = /usr/share/dict/words >> admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab >> supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal >> des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 >> des-cbc-crc:afs3 >> } >> >> Then, I created the user frank as : >> >> kadmin.local >> Authenticating as principal rahimeh/[email protected] with password. >> kadmin.local: * ank frank* >> WARNING: no policy specified for [email protected]; defaulting to no >> policy >> Enter password for principal "[email protected]": >> Re-enter password for principal "[email protected]": >> >> *kadmin.local: ktadd -k /var/kerberos/krb5kdc/kadm5.keytab frank* >> Entry for principal frank with kvno 2, encryption type Triple DES cbc >> mode >> with HMAC/sha1 added to keytab WRFILE:/var/kerberos/krb5kdc/kadm5.keytab. >> Entry for principal frank with kvno 2, encryption type ArcFour with >> HMAC/md5 added to keytab WRFILE:/var/kerberos/krb5kdc/kadm5.keytab. >> Entry for principal frank with kvno 2, encryption type DES with HMAC/sha1 >> added to keytab WRFILE:/var/kerberos/krb5kdc/kadm5.keytab. >> Entry for principal frank with kvno 2, encryption type DES cbc mode with >> RSA-MD5 added to keytab WRFILE:/var/kerberos/krb5kdc/kadm5.keytab. >> >> Finally, it gives error like: >> >> [r...@localhost ~]# *kinit frank* -t /var/kerberos/krb5kdc/kadm5.keytab >> Password for [email protected]: >> *kinit(v5): Password incorrect while getting initial credentials* >> >> or >> >> in cmd when I run this instruction the below error is shown. >> >> [r...@localhost bin]# ./psql -h 127.0.0.1 -U frank >> *psql: krb5_sendauth: Bad application version was sent (via sendauth)* >> >> >> Please help me. >> >> >> >> -- >> With Best Regards >> Miss.KHodadadi >> > > > > -- > With Best Regards > Miss.KHodadadi >
-- With Best Regards Miss.KHodadadi -- Sent via pgsql-admin mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
