[OpenAFS] AFS + Kerberos
Maurizio Santini
msantini@pictage.com.ar
Sat, 22 Jan 2005 10:16:50 -0300
stop using ktadd?
Very much right ones I realized (as you said) the key mismatch was for
the afs principal and not the user.
Thanks,
Maurizio
On Thu, 2005-01-20 at 01:09, Derrick J Brashear wrote:
> On Tue, 18 Jan 2005, Maurizio Santini wrote:
>
> > Does anyone know how to circumnavigate this kind of egg/chicken problem?
> >
> > I'm trying to make the kvno for a testuser match the entry in
> > /etc/krb5.keytab and the KeyFile but every time I do so using "ktadd" I
> > have to change the password for the user. As a consequence the kvno
> > gets increased by one and I have the same problem again.
>
> stop using ktadd?
>
> > I'm doing this because I get the error "security object was passed a bad
> > ticket" and I think it's because there's a key mismatch (please correct
> > me if I'm wrong).
>
> Well, the kvno mismatch would be for the afs principal, not the user. So
> the bosserver and the other servers would find the wrong version in the
> KeyFile (not the one that matches what the kdc has)
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info