[OpenAFS] klog incompatibility
Hartmut Reuter
reuter@rzg.mpg.de
Tue, 03 Aug 2004 17:08:17 +0200
I remember there is some problem with crypt(). If the password is
shorter than 8
characters then ka_StringToKey() uses crypt() for some reason to make it
look longer.
In our cell we use only kerb4 keys so this doesn't hurt, but in the
general case
with kaserver or heimdal and default_keys including "afs" or "afs3" it does.
Unfortunately all our machines now are upgraded to AIX 5.2 so I cannot
really
rebuild my rs_aix51 tree anymore.
It could also help to not use any optimization in the critical
subdirectories such as
des, rxkad and kauth.
Can you try the klog from /afs/ipp-garching.mpg.de/rs_aix52/bin ? I
think since it is
linked statically it should run also under AIX 5.1.
Good luck!
Hartmut
Hans-Gunther Borrmann wrote:
> Hello,
>
> Environments:
>
> Test cell test.uni-freiburg.de: OpenAFS 1.3.65 server and client software
> under AIX 5.1
>
> production cell uni-freiburg.de
> 2 IBM AFS 3.6 servers, one OpenAFS 1.3.65 server
>
> sv11: client only, binaries of Hartmut Reuter, runs under AIX 5.1.
>
> If I use the klog of the distribution of Hartmut Reuter, I cannot get tokens
> for test.uni-freiburg.de but for uni-freiburg.de
> If I use the klog from 1.3.65 I can get tokens for test.uni-freiburg.de but
> not for uni-freiburg.de
> I have testet also under SUSE 9.0 and the OpenAFS which comes with the
> distribution and have the same problem. I cannot get tokens for
> test.uni-freiburg.de. Output from sv11 follows:
>
> [root@sv11:root]# fs wscell
> This workstation belongs to cell 'uni-freiburg.de'
> [root@sv11:root]# klog hgb
> Password:
> [root@sv11:root]# tokens
>
> Tokens held by the Cache Manager:
>
> User's (AFS ID 1026) token for afs@uni-freiburg.de [Expires Aug 4 17:48]
> --End of list--
> [root@sv11:root]# unlog
> [root@sv11:root]# klog hgb@test.uni-freiburg.de
> Password:
> Unable to authenticate to AFS because password was incorrect.
> [root@sv11:root]# /ufr/rs_aix51/usr/afsws-openafs-1.3.65/bin/klog hgb
> Password:
> Unable to authenticate to AFS because password was incorrect.
> [root@sv11:root]# /ufr/rs_aix51/usr/afsws-openafs-1.3.65/bin/klog \
> hgb@test.uni-freiburg.de
> Password:
> [root@sv11:root]# tokens
>
> Tokens held by the Cache Manager:
>
> User's (AFS ID 1026) token for afs@test.uni-freiburg.de [Expires Aug 4 17:50]
> --End of list--
> [root@sv11:root]#
>
> Further experiments show that the effect is dependend on the length of the
> password. I have the problem with a password of 8 characters. If I choose a
> password of 9 characters, all seems to work. I tested this also with a
> different userid.
>
> Any idea or help?
>
> H.G.Borrmann
--
-----------------------------------------------------------------
Hartmut Reuter e-mail reuter@rzg.mpg.de
phone +49-89-3299-1328
RZG (Rechenzentrum Garching) fax +49-89-3299-1301
Computing Center of the Max-Planck-Gesellschaft (MPG) and the
Institut fuer Plasmaphysik (IPP)
-----------------------------------------------------------------