[OpenAFS] AFS-K5 transition problem - 'unknown key version number'
FBO
fbo2@gmx.net
Thu, 22 Aug 2002 06:23:54 +0200
On Wed, Aug 21, 2002 at 10:59:43AM -0500, tbird57 wrote:
[snip]
> What am I missing? I was guessing that the key encryption
> type was
> an issue, which is why I specified 'ktadd' with '-e'. I've
> seen
> other postings regarding what appears to be the same
> problem.
> Any clues (and an explanation) are much appreciated...
AFAIK there must not be any other key for the AFS-principal in your
krb5. So it shouldn't be necessary to use ktadd together with "-e".
You should use 'kadmin -e des-cbc-crc' when CREATING the
AFS-principal.
As soon as there are wrong keys associated with the AFS-princ
it will not work.
Use 'kadmin -e des-cbc-crc', delete the old, create a new AFS-princ.
Use 'ktadd' and 'asetkey' the key into all you AFS-Servers.
That should work.
(Own experiences, Please correct me if I'm wrong...)
Regards,
FBO