[OpenAFS] afs migration to Kerberos 5 Help
Steve Devine
sdevine@msu.edu
Tue, 22 Jun 2004 09:35:28 -0400
Kevin Coffman wrote:
>>Heres a question. In the README for afs-krb5 it says
>>1) Create an AFS principal in the Kerberos database. Call it:
>>afs@YOUR.CELL.NAME
>>
>>Yet in the debug for aklog -d it seems to be calling for
>>afs/kerb5.cl.msu.edu@KERB5.CL.MSU.EDU
>>
>>So which one do I need ?
>
>
> I believe that a "modern" aklog will try both; however
> afs/<cellname>@REALM is preferred.
>
>
>>Also fakeka give this error:
>> No matching key in entry while decrypting the master key
>
>
> I think this has been discussed here or on the Kerberos list.
> fakeka doesn't currently support a 3DES master key. I'm guessing
> this is your situation.
>
> K.C.
>
Yes that indeed was my problem .. deleting the kdc and recreating it to
use single des did the right thing.
/sd
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>
--
Steve Devine
Core Systems
Academic Computing & Network Services
Michigan State University
110 Computer Center
East Lansing, MI 48824-1042
1-517-355-4500 (x242)
Baseball is ninety percent mental; the other half is physical.
- Yogi Berra