[OpenAFS] heimdal, keyfiles, and bootup

[Jeffrey Hutzelman]

On Sunday, April 18, 2004 11:29:07 -0400 "Matthew J. Turk" 
<mturk@astro.psu.edu> wrote:

> Hi there.  I'm attempting to convert to a heimdal authentication system,
> but  I've run into a problem.  (Everything else seems to work ok so far,
> and I've  been following directions from this list -- specifically, from
> this thread:
> https://lists.openafs.org/pipermail/openafs-info/2002-May/004321.html )
>
> I'm having problems with the file /usr/afs/etc/KeyFile.  When it's the
> one  generated by Heimdal (with, I believe, only the correct types of
> encryption)  bosserver fails to start (silently, I noted with
> irritation.)  In order to  get AFS to start, I have to copy my old
> keyfile back on top of it, start AFS,  and then copy the heimdal keyfile
> over in order to proceed with
> authentication.
>
> I also noted they're quite different sizes; the heimdal-generated keyfile
> is  about 800bytes, where the AFS one is about 100.  The types of
> encryption,  according to ktutil, are all des-cbc-crc, although for some
> reason I have  three copies of the key for principal afs/cell@REALM.
>
> Has anybody run into this problem before?  Does it just smell like an
> encryption-type problem, or is it something simpler?

Exactly what commands did you use to generate the keyfile?