[OpenAFS] Re: SuSe 9.0 &Heimdal.6
ted creedon
tcreedon@easystreet.com
Sun, 28 Dec 2003 15:43:01 -0800
Then does a "security object was passed a bad ticket" error imply either =
a
kvno that is out of sync (with what?) or possibly a ticket that doesn't
match something because of an incorrect salt?
=20
-----Original Message-----
From: openafs-info-admin@openafs.org =
[mailto:openafs-info-admin@openafs.org]
On Behalf Of Derrick J Brashear
Sent: Saturday, December 27, 2003 10:35 PM
Cc: openafs-info@openafs.org
Subject: RE: [OpenAFS] Re: SuSe 9.0 &Heimdal.6
On Sat, 27 Dec 2003, ted creedon wrote:
> Does "no salt" mean the keynames are listed des-cbc-crc() rather than
> des-cbc-crc(pw-salt) or des-cbc-crc(afs3-salt(tedcell))?
correct
>
> On Sat, 27 Dec 2003, ted creedon wrote:
>
> >
> > Kadmin> list -l afs@TED-DORIS.FAM
> >
> > Indicates renaming is changing the salt from TED-DORIS.FAM to
> > TED-DORIS.FAMafs to TED-DORIS.FAMafstedcell
>
> oh. maybe you should give up on the importing kaserver database, =
because
> this is another sign of something gone wrong: an option to hprop was
> supposed to indicate DES string to key, e.g. "no salt"
>
>
> > Sounds to me like the general idea is to be able to run kaserver to =
set
up
> > the afs domain in /etc/opanafs/server/KeyFile and import it into
> > /etc/krb5.keytab
>
> fileserver/bosserver/vlserver/et al don't read krb5.keytab.
>
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info