[OpenAFS] Server not Found in Kerberos database

rizo@upp.pt rizo@upp.pt
Fri, 10 Dec 2010 19:58:18 +0000


When logging in to the server I'm getting these kerberos errors:

--------------------------------------------------------------------------------
==> /var/log/kerberos/krb5kdc.log <==
Dec 10 19:51:28 multivac krb5kdc[2987](info): AS_REQ (7 etypes {18 17 16
23 1 3 2}) 192.168.25.1: NEEDED_PREAUTH: seldon@UPP for krbtgt/UPP@UPP,
Additional pre-authentication required
Dec 10 19:51:28 multivac krb5kdc[2987](info): AS_REQ (7 etypes {18 17 16
23 1 3 2}) 192.168.25.1: ISSUE: authtime 1292010688, etypes {rep=18 tkt=18
ses=18}, seldon@UPP for krbtgt/UPP@UPP
Dec 10 19:51:28 multivac krb5kdc[2987](info): TGS_REQ (7 etypes {18 17 16
23 1 3 2}) 192.168.25.1: ISSUE: authtime 1292010688, etypes {rep=18 tkt=18
ses=18}, seldon@UPP for host/multivac.upp@UPP

==> /var/log/auth.log <==
Dec 10 19:51:28 multivac sshd[25875]: pam_krb5(sshd:auth): user seldon
authenticated as seldon@UPP
Dec 10 19:51:28 multivac sshd[25875]: Accepted password for seldon from
188.82.157.22 port 51942 ssh2
Dec 10 19:51:28 multivac sshd[25875]: pam_unix(sshd:session): session
opened for user seldon by (uid=0)

==> /var/log/kerberos/krb5kdc.log <==
Dec 10 19:51:28 multivac krb5kdc[2987](info): TGS_REQ (1 etypes {1})
192.168.25.1: UNKNOWN_SERVER: authtime 0,  seldon@UPP for afs/upp@UPP,
Server not found in Kerberos database
Dec 10 19:51:28 multivac krb5kdc[2987](info): TGS_REQ (1 etypes {1})
192.168.25.1: UNKNOWN_SERVER: authtime 0,  seldon@UPP for afs/upp@UPP,
Server not found in Kerberos database
Dec 10 19:51:28 multivac krb5kdc[2987](info): TGS_REQ (1 etypes {1})
192.168.25.1: UNKNOWN_SERVER: authtime 0,  seldon@UPP for afs/upp@UPP,
Server not found in Kerberos database
Dec 10 19:51:28 multivac krb5kdc[2987](info): TGS_REQ (1 etypes {1})
192.168.25.1: UNKNOWN_SERVER: authtime 0,  seldon@UPP for afs/upp@UPP,
Server not found in Kerberos database
Dec 10 19:51:28 multivac krb5kdc[2987](info): TGS_REQ (1 etypes {1})
192.168.25.1: UNKNOWN_SERVER: authtime 0,  seldon@UPP for afs/upp@UPP,
Server not found in Kerberos database
Dec 10 19:51:28 multivac krb5kdc[2987](info): TGS_REQ (1 etypes {1})
192.168.25.1: UNKNOWN_SERVER: authtime 0,  seldon@UPP for afs/upp@UPP,
Server not found in Kerberos database
Dec 10 19:51:28 multivac krb5kdc[2987](info): TGS_REQ (1 etypes {1})
192.168.25.1: ISSUE: authtime 1292010688, etypes {rep=18 tkt=1 ses=1},
seldon@UPP for afs@UPP
--------------------------------------------------------------------------------

Here's output from '$ sudo kadmin.local root/admin -q list_principals':
...
afs@UPP
host/multivac.upp@UPP
kadmin/admin@UPP
kadmin/changepw@UPP
kadmin/history@UPP
kadmin/krb.upp@UPP
krbtgt/UPP@UPP
root/admin@UPP
seldon@UPP
...

It's seems to me that afs uses the wrong principal, but I can't figure out
where should I fix it.

Any seggestions?

-- Rizo