Subject: kerberos questions, 1.5ALPHA
To: None <tech-crypto@netbsd.org>
From: Tracy J. Di Marco White <gendalia@iastate.edu>
List: tech-crypto
Date: 08/10/2000 22:36:52
I'm using 1.5ALPHA on i386, cvs updated August 6th.
There are a couple things I want to do with kerberos, and I'm not sure if
they should work, I just don't have them set up right, or if they don't
work yet.
First one I've brought up before, just not sure if it had been fixed yet.
I want to be able to get kerberos 4 tickets on login, when already getting
kerberos 5 tickets on login. What I get now:
> klist -4
Credentials cache: FILE:/tmp/krb5cc_14768.ttyp1
Principal: gendalia@IASTATE.EDU
Issued Expires Principal
Aug 10 22:16:07 Aug 11 08:16:07 krbtgt/IASTATE.EDU@IASTATE.EDU
Aug 10 22:16:23 Aug 11 08:16:07 host/bb.cc.iastate.edu@IASTATE.EDU
v4-ticket file: /tmp/tkt14768
klist: No ticket file (tf_util)
kinit -4 is also failing still, hanging for a while before timing out.
If I type my password incorrectly, that returns immediately. Only if
I type my password correctly does it hang. It seems to be talking to
both our kerberos-1 and kerbero-2 machines (as named in the krb.conf),
but it's also talking to windc1 and windc2 which are not mentioned in the
krb.conf or krb5.conf. (windc1 & windc2 are our windows kerberos servers.)
The other thing I'd like to use is encrypted telnet, and I'm again not
sure if I don't have everything quite configured, or if it's not supposed
to work yet. To/from a NetBSD machine, with a keytab:
> telnet -ax bb.cc
Trying 129.186.140.61...
Connected to bb.cc.iastate.edu.
Escape character is '^]'.
[ Trying KERBEROS5 ... ]
[ Kerberos V5 refuses authentication because Read req failed: Key table entry no
t found ]
[ Trying KERBEROS5 ... ]
[ Kerberos V5 refuses authentication because Read req failed: Key table entry no
t found ]
Password:
Kerberos 4 versions also don't work, of course.
Tracy J. Di Marco White
Project Vincent Systems Manager
gendalia@iastate.edu