Tokens disappearing on freebsd 5.5
Henry B. Hotz
hotz at jpl.nasa.gov
Wed Jun 21 19:21:17 CEST 2006
On Jun 21, 2006, at 9:21 AM, Scott Peshak wrote:
> On 21 Jun 2006 16:10:46 +0200, Tomas Olsson <tol at stacken.kth.se>
> wrote:
>
>> Could you check what tickets and kvno your fileserver uses? Also,
>> it would
>> be interesting to see klist -v from your host and compare it to
>> what it
>> looks like on a client with working authenticated access.
>>
> Server: afs at RANDOMSCREWS.NET
> Ticket etype: des-cbc-crc, kvno 1
> Auth time: Jun 21 11:15:12 2006
> End time: Jun 21 21:15:12 2006
> Ticket flags: transited-policy-checked
> Addresses: IPv4:10.0.0.1
>
> Server: afs/randomscrews.net at RANDOMSCREWS.NET
> Ticket etype: des-cbc-crc, kvno 1
> Auth time: Jun 21 11:15:12 2006
> End time: Jun 21 21:15:12 2006
> Ticket flags: transited-policy-checked
> Addresses: IPv4:10.0.0.1
>
>
> My fileservers use the afs/randomscrews.net at RANDOMSCREWS.NET key in
> the keyfile, per the instructions i found here:
> http://kula.public.iastate.edu/talks/afs-bpw-2005/afs-bpw-2005-
> iowa.html
Are the keys of those two principals the same? If you know that the
latter is what's used, then can you delete the former from the KDC?
Note that the AFS keyfile can't represent both of those keys unless
they have different kvno's. If you need both principals, then rev
one of them so you can put both in the keyfile.
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the Arla-drinkers
mailing list