[OpenAFS] Re: Trouble creating AFS KeyFile on FreeBSD 10.0
Andrew Deason
adeason@sinenomine.net
Fri, 26 Sep 2014 10:03:40 -0500
On Wed, 24 Sep 2014 08:22:12 -0700
Eric Shell <eshell@soe.ucsc.edu> wrote:
> > Can you run any command successfully with -localauth? A good simple
> > test is 'bos status' like you showed; just run it with -localauth.
>
> Yes, this works. It immediately says that buserver, vlserver, and
> ptserver are running normally.
That seems a little odd; is it only ptserver that fails? Try these, to
check each individual server:
bosserver: bos status <server> -localauth
vlserver: vos listaddrs -noresolv -localauth
ptserver: pts listmax -localauth
buserver: backup listhosts -localauth
I guess you don't have any fileservers up yet, but if you did, you could
check volserver via:
volserver: vos listpart <server> -localauth
If doing that still shows only ptserver as failing, maybe try getting a
packet trace while trying to run the 'pts' command, and sharing that
privately. For pts, just capture udp port 7002. (If you want to capture
traffic for others, you can just get all udp traffic to be sure.)
> > Can you show the contents of rxkad.keytab? Not the keys, obviously;
> > just what the principals and enctypes are.
>
> Sure thing:
>
> Vno Type Principal Aliases
> 2 aes256-cts-hmac-sha1-96 afs/soe.ucsc.edu@SOE.UCSC.EDU
> 2 des3-cbc-sha1 afs/soe.ucsc.edu@SOE.UCSC.EDU
> 2 arcfour-hmac-md5 afs/soe.ucsc.edu@SOE.UCSC.EDU
That's fine.
--
Andrew Deason
adeason@sinenomine.net