[OpenAFS] Mit Krb5 and OpenAFS
Derek Atkins
warlord@MIT.EDU
18 Jan 2002 12:18:58 -0500
"Derek T. Yarnell" <derek@cs.umd.edu> writes:
> Now when i tried to get afs tokens through kinit then aklog i got this :
>
> [root@bungholio]# /usr//local/openafs/bin/aklog -d
> Authenticating to cell cs.umd.edu (server bungholio.cs.umd.edu).
> We've deduced that we need to authenticate to realm CS.UMD.EDU.
> Getting tickets: afs/@CS.UMD.EDU
> About to resolve name derek to id in cell cs.umd.edu.
> Id 32766
> Set username to derek
> Setting tokens. derek / @ CS.UMD.EDU
> aklog: unable to obtain tokens for cell cs.umd.edu (status: 11862791).
>
> Could this be that krb524d is not doing the right thing? Or am i missing
> something?
This is either:
krb524d is not working properly, or
the KeyFile is not setup properly on your AFS Servers.
> [root@bungholio]# klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: derek@CS.UMD.EDU
>
> Valid starting Expires Service principal
> 01/18/02 11:51:41 01/18/02 21:51:41 krbtgt/CS.UMD.EDU@CS.UMD.EDU
> 01/18/02 11:51:57 01/18/02 21:51:41 afs@CS.UMD.EDU
>
>
> Kerberos 4 ticket cache: /tmp/tkt0
> klist: You have no tickets cached
This looks correct. You are successfully getting your afs@CS.UMD.EDU
v5 key.
What does 'klist -e' give you? Did you err and install a 3des key
for AFS?
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available