On Thu, 2010-05-27 at 09:09 -0400, Rob Crittenden wrote:
I assume the keytab is still valid since the mount succeeds and root
works. Kerberos otherwise works ok on this machine, you can kinit, etc?
Hm, the server didn't change, and on the client klist
-k /etc/krb5.keytab -e does not suggest
On Thu, 2010-05-27 at 12:27 -0400, Simo Sorce wrote:
Try adding allow_weak_crypto = true to your krb5.conf or alternatively
rekey your NFS credentials to add RC4/AES keys (rekeying works only if
both client and server kernels supporting anything but DES, I think
F13's kernels should have
On Thu, 27 May 2010 12:27:49 -0400
Simo Sorce sso...@redhat.com wrote:
Tom,
apologies, I meant Thomas, not enough sleep I gues :/
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
Freeipa-users mailing list
Freeipa-users@redhat.com
On Thu, 27 May 2010 23:58:28 +0200
Thomas Sailer sai...@sailer.dynip.lugs.ch wrote:
For some reason I have no clue about, it does not like my credentials
cache (/tmp/krb5cc_1591) when not run from the console.
I suspect an SELinux issue in this case, because manually starting it
will run it as
On Thu, 2010-05-27 at 14:30 -0400, Simo Sorce wrote:
Oh right,
then I guess you need to look into syslog to see if you can find any
other hint.
does the gssd daemon log anything ?
It can be made to talk, like this:
rpc.gssd -f -vv -rr
Messages at startup:
Warning: rpcsec_gss