[OpenAFS] /etc/gss/mech + gssklog
Chris McClimans
openafs-info@mcclimans.net
Tue, 9 Sep 2003 14:43:15 -0500
I've switched around /etc/gss/mech to put kerberos_v5 first. Now it
gives me some errors about invalid tokens.
gssklog works on other boxes (linux boxes) at this point. So it's still
something with my solaris configuration I think.
Where can I look up the error codes for GSS-errors and stuff. Is in it
the gssapi standard somewhere?
-chris
bash-2.03# cat /etc/gss/mech
# Mechanism Name Object Identifier Shared Library Kernel
Module
#
kerberos_v5 1.2.840.113554.1.2.2 gl/mech_krb5.so
gl_kmech_krb5
diffie_hellman_640_0 1.3.6.4.1.42.2.26.2.4 dh640-0.so.1
diffie_hellman_1024_0 1.3.6.4.1.42.2.26.2.5 dh1024-0.so.1
bash-2.03# klist
Ticket cache: /tmp/krb5cc_0
Default principal: mccliman@CS.TTU.EDU
Valid starting Expires
Service principal
Tue Sep 09 14:30:49 2003 Wed Sep 10 00:30:49 2003
krbtgt/CS.TTU.EDU@CS.TTU.EDU
renew until Tue Sep 16 14:30:49 2003
bash-2.03# ./gssklog
GSS-error init_sec_context failed: major:00090000 minor:00000000
Invalid token was supplied
No error
Problem 2 with server elm.cs.ttu.edu, trying next
GSS-error init_sec_context failed: major:00090000 minor:00000000
Invalid token was supplied
No error
Problem 2 with server oak.cs.ttu.edu
Failed code = 2
bash-2.03# klist
Ticket cache: /tmp/krb5cc_0
Default principal: mccliman@CS.TTU.EDU
Valid starting Expires
Service principal
Tue Sep 09 14:30:49 2003 Wed Sep 10 00:30:49 2003
krbtgt/CS.TTU.EDU@CS.TTU.EDU
renew until Tue Sep 16 14:30:49 2003