To recap, this bug was about necessary iptables / firewall changes to
allow password changes via the kpasswd protocol. You were seeing the
error message:
May 25 10:36:35 kdc1 kadmind[1385]: chpw: Couldn't connect to client: No such
process
from kadmind when the client tried to change their
On Sat, May 24, 2008 at 10:02:31AM -0700, Russ Allbery wrote:
Could you provide more information about where you're seeing this problem?
Stanford University is using, in production, the following firewall rules:
The log shows the following:
| May 25 10:36:35 kdc1 kadmind[1385]: chpw: Couldn't
Bastian Blank [EMAIL PROTECTED] writes:
The log shows the following:
| May 25 10:36:35 kdc1 kadmind[1385]: chpw: Couldn't connect to client: No
such process
And holds several extra sockets open:
| # netstat -ulpen
| Active Internet connections (only servers)
| Proto Recv-Q Send-Q Local
Package: krb5-admin-server
Version: 1.6.dfsg.3-2
Severity: important
There is no documentation about the firewall changes necessary for the
kpasswd service. This is problematic because the naiv variant[1] does
not work. kadmin uses a different source port for the communication back
to the client.
severity 482679 normal
tags 482679 moreinfo
thanks
Bastian Blank [EMAIL PROTECTED] writes:
Package: krb5-admin-server
Version: 1.6.dfsg.3-2
Severity: important
There is no documentation about the firewall changes necessary for the
kpasswd service. This is problematic because the naiv
5 matches
Mail list logo