[OpenAFS] Re: asetkey: failed to set key, code 70354694

Andrew Deason adeason@sinenomine.net
Fri, 7 Jan 2011 19:52:43 -0500


On Fri, 07 Jan 2011 14:41:11 -0500
Jeff Blaine <jblaine@kickflop.net> wrote:

> I should also point out that 'kinit; aklog' works for all
> users who report problems.
> 
> How could it be that pam_krb5 (Russ's) and pam_afs_session
> are broken due to a key change?

If you changed the key, and someone has an old afs service key (from
before the key change), their access is not going to work.

So, do you mean it works when you 'kinit; aklog', but you get an error
when you login normally? (as in, using a password) Whether that be via
ssh or whatever.

-- 
Andrew Deason
adeason@sinenomine.net