[OpenAFS] Problem getting AFS tokens on debian...
Derrick Brashear
shadow@gmail.com
Mon, 18 Jan 2010 09:58:57 -0500
On Mon, Jan 18, 2010 at 9:37 AM, Jan Pospisil <honik@kma.zcu.cz> wrote:
> Hello OpenAFS gurus :),
>
> I am having problems getting AFS tokens probably after one of recent syst=
em
> upgrade. I am using debian testing on x86_64 with
> - *krb5* version 1.8+dfsg~alpha1-2
> - *openafs* version 1.4.11+dfsg-6
> (in particular m-a build of openafs-modules-2.6.30-2-amd64 version
> 1.4.11+dfsg-6+2.6.30-8squeeze1)
> - kernel from linux-image-2.6.30-2-amd64 ver. 2.6.30-8squeeze1
>
> The afsd is runnig fine, I can see the AFS tree, I have the proper krb5
> tickets, but I am not able to get the AFS tokens:
>
> honik@aither:~$ klist -e
> Ticket cache: FILE:/tmp/krb5cc_6141
> Default principal: honik@ZCU.CZ
>
> Valid starting =A0 =A0 Expires =A0 =A0 =A0 =A0 =A0 =A0Service principal
> 01/18/10 15:21:14 =A001/18/10 23:21:10 =A0krbtgt/ZCU.CZ@ZCU.CZ
> =A0 =A0 =A0 =A0renew until 02/02/10 15:21:10, Etype (skey, tkt): AES-256 =
CTS mode
> with 96-bit SHA-1 HMAC, Triple DES cbc mode with HMAC/sha1
>
> honik@aither:~$ aklog -d -c zcu.cz
> Authenticating to cell zcu.cz (server oknos.zcu.cz).
> Trying to authenticate to user's realm ZCU.CZ.
> Getting tickets: afs/zcu.cz@ZCU.CZ
> Kerberos error code returned by get_cred : -1765328184
> aklog: Couldn't get zcu.cz AFS tickets:
> aklog: unknown RPC error (-1765328184) while getting AFS tickets
they're just standard krb5 errors.
#define KRB5_CC_NOT_KTYPE (-1765328184L)
> honik@aither:~$ klog
> klog: unknown RPC error (-1765328370) Unable to authenticate to use
> afs/zcu.cz
#define KRB5KDC_ERR_ETYPE_NOSUPP (-1765328370L)
what key type is the AFS key?