[OpenAFS] kaserver.DB0 converted, no success authenticating
Ken Hornstein
kenh@cmf.nrl.navy.mil
Mon, 29 Oct 2007 13:21:39 -0400
>Oct 29 12:58:13 silmaril krb5kdc[13245](info): AS_REQ (7 etypes {18 17
>16 23 1 3 2}) xxx.xx.11.213: DECRYPT_CLIENT_KEY: jblaine@RCF.FOO.COM for
>krbtgt/RCF.FOO.COM@RCF.FOO.COM, Decrypt integrity check failed
One little thing I always forget about afs2k5db .... it currently only
works if your master key is single-DES (in theory this isn't hard to fix,
but see previous comments about time, interest, etc etc). Judging by
this error, the client keys are not encrypted properly in the database.
I am guessing that your K/M principal is something other than single-DES.
--Ken