Tokens disappearing on freebsd 5.5

[Scott Peshak]

On 21 Jun 2006 16:10:46 +0200, Tomas Olsson <tol at stacken.kth.se> wrote:

> Could you check what tickets and kvno your fileserver uses?  Also, it would
> be interesting to see klist -v from your host and compare it to what it
> looks like on a client with working authenticated access.
>

on the non-working fbsd box:
klist -v
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: speshak at RANDOMSCREWS.NET
    Cache version: 4

Server: krbtgt/RANDOMSCREWS.NET at RANDOMSCREWS.NET
Ticket etype: des3-cbc-sha1, kvno 1
Auth time:  Jun 21 11:13:39 2006
End time:   Jun 21 21:13:38 2006
Renew till: Jul 21 11:13:38 2006
Ticket flags: renewable, initial
Addresses: IPv4:10.0.0.230

Server: afs at RANDOMSCREWS.NET
Ticket etype: des-cbc-crc, kvno 1
Auth time:  Jun 21 11:13:39 2006
End time:   Jun 21 21:13:38 2006
Ticket flags: transited-policy-checked
Addresses: IPv4:10.0.0.230


On a linux machine that works (using openafs client)
klist -v
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: speshak at RANDOMSCREWS.NET
    Cache version: 4

Server: krbtgt/RANDOMSCREWS.NET at RANDOMSCREWS.NET
Ticket etype: aes256-cts-hmac-sha1-96, kvno 1
Auth time:  Jun 21 11:15:12 2006
End time:   Jun 21 21:15:12 2006
Ticket flags: initial
Addresses: IPv4:10.0.0.1

Server: afs at RANDOMSCREWS.NET
Ticket etype: des-cbc-crc, kvno 1
Auth time:  Jun 21 11:15:12 2006
End time:   Jun 21 21:15:12 2006
Ticket flags: transited-policy-checked
Addresses: IPv4:10.0.0.1

Server: afs/randomscrews.net at RANDOMSCREWS.NET
Ticket etype: des-cbc-crc, kvno 1
Auth time:  Jun 21 11:15:12 2006
End time:   Jun 21 21:15:12 2006
Ticket flags: transited-policy-checked
Addresses: IPv4:10.0.0.1


My fileservers use the afs/randomscrews.net at RANDOMSCREWS.NET key in
the keyfile, per the instructions i found here:
http://kula.public.iastate.edu/talks/afs-bpw-2005/afs-bpw-2005-iowa.html

Scott