Heimdal problem: Heimdal 1.4.0~git20100322 till *.stacken.kth.se
Magnus Sandberg
mem at stacken.kth.se
Sun May 30 21:36:34 CEST 2010
Hej Harald!
Jag kör inte NAT hemma, alla har väl ett routat C-nät hemma? :-)
Dock har jag ett annat problem på med Squeeze-klient. Varken ktelnet till
shell.stacken.kth.se eller push (kpop) från pop.stacken.kth.se fungerar.
Båda kommandona fungerar på min Lenny-klient.
Så efter att ha bytt Kerberos-lösenord får jag ut en TGT på min
Squeeze-klient men sedan blir det inte så mycket mer action. Bifogar en fil
med lite kommando-output ifrån mina Squeeze- och Lenny-klienter. Kan det
vara något liknande med enctype även denna gång?
MVH // Mem
_\\|//_
(-0-0-)
/--------------ooO-(_)-Ooo--------------\
| Magnus Sandberg |
| Email: mem at stacken.kth.se |
| GSM: +46-70-205 81 84 |
| http://www.linkedin.com/in/link2mem |
\---------------------------------------/
|| ||
ooO Ooo
----- Den 28:e maj 2010 skrev Harald Barth följande; -----
> En kpasswd senare så fungerar det hela. Dock fick jag inte kpasswd att
> fungera på min i övrigt fungerande Lenny-klient
fukar inte bakom NAT.
> Jag är ingen aktiv Debian-utvecklare så för dem är jag vilken J. Random
> Nerd som helt som klagar.
Men om det är fler random j nerd som tycker så är det ju bättre.
Harald.
-------------- next part --------------
squeeze:~$ klist
Credentials cache: FILE:/tmp/krb5cc_11171
Principal: mem at STACKEN.KTH.SE
Issued Expires Principal
May 30 21:23:33 May 31 07:23:33 krbtgt/STACKEN.KTH.SE at STACKEN.KTH.SE
squeeze:~$ klist -v
Credentials cache: FILE:/tmp/krb5cc_11171
Principal: mem at STACKEN.KTH.SE
Cache version: 4
Server: krbtgt/STACKEN.KTH.SE at STACKEN.KTH.SE
Client: mem at STACKEN.KTH.SE
Ticket etype: aes256-cts-hmac-sha1-96, kvno 1
Ticket length: 325
Auth time: May 30 21:23:33 2010
End time: May 31 07:23:33 2010
Ticket flags: pre-authent, initial, proxiable, forwardable
Addresses: addressless
squeeze:~$ ktelnet -x shell.stacken.kth.se
Encryption is verbose
Trying 130.237.234.160...
Connected to gustavskorv.stacken.kth.se.
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Trying mutual KERBEROS5 (host/gustavskorv.stacken.kth.se at STACKEN.KTH.SE)... ]
Kerberos V5: mk_req failed (Program lacks support for encryption type)
[ Trying KERBEROS5 (host/gustavskorv.stacken.kth.se at STACKEN.KTH.SE)... ]
Kerberos V5: mk_req failed (Program lacks support for encryption type)
Authentication negotiation has failed,
which is required for encryption.
squeeze:~$ /usr/sbin/push -v mem at pop.stacken.kth.se /var/mail/mem
push: krb5_sendauth: KDC has no support for encryption type
*************************************************************************************
lenny:~$ klist
Credentials cache: FILE:/tmp/krb5cc_11171
Principal: mem at STACKEN.KTH.SE
Issued Expires Principal
May 30 21:22:00 May 31 07:22:00 krbtgt/STACKEN.KTH.SE at STACKEN.KTH.SE
lenny:~$ klist -v
Credentials cache: FILE:/tmp/krb5cc_11171
Principal: mem at STACKEN.KTH.SE
Cache version: 4
KDC time offset: -24 seconds
Server: krbtgt/STACKEN.KTH.SE at STACKEN.KTH.SE
Client: mem at STACKEN.KTH.SE
Ticket etype: aes256-cts-hmac-sha1-96, kvno 1
Ticket length: 325
Auth time: May 30 21:22:00 2010
End time: May 31 07:22:00 2010
Ticket flags: forwardable, proxiable, initial, pre-authenticated
Addresses: addressless
lenny:~$ ktelnet -x shell.stacken.kth.se
Encryption is verbose
Trying 130.237.234.160...
Connected to gustavskorv.stacken.kth.se.
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Trying mutual KERBEROS5 (host/gustavskorv.stacken.kth.se at STACKEN.KTH.SE)... ]
[ Kerberos V5 accepts you as ``mem at STACKEN.KTH.SE'' ]
[ Output is now encrypted with type DES_CFB64 ]
[ Input is now decrypted with type DES_CFB64 ]
Encryption negotiated.
Sun Microsystems Inc. SunOS 5.9 Generic May 2002
+==========================================================+
| Stacken's CPU server. Mostly known under the name of |
| shell.stacken.kth.se. By default, your environment |
| contains only the bare necessities. If you want a richer |
| environment, use the module command, e.g.: |
| |
lenny:~$ /usr/sbin/push -v mem at pop.stacken.kth.se /var/mail/mem
mem at pop.stacken.kth.se -> /var/mail/mem
1 message(s) (20148 bytes). fetching... deleting... Done
lenny:~$ klist
Credentials cache: FILE:/tmp/krb5cc_11171
Principal: mem at STACKEN.KTH.SE
Issued Expires Principal
May 30 21:22:00 May 31 07:22:00 krbtgt/STACKEN.KTH.SE at STACKEN.KTH.SE
May 30 21:22:27 May 31 07:22:00 host/gustavskorv.stacken.kth.se at STACKEN.KTH.SE
May 30 21:22:51 May 31 07:22:00 pop/brev.stacken.kth.se at STACKEN.KTH.SE
lenny:~$ klist -v
Credentials cache: FILE:/tmp/krb5cc_11171
Principal: mem at STACKEN.KTH.SE
Cache version: 4
KDC time offset: -24 seconds
Server: krbtgt/STACKEN.KTH.SE at STACKEN.KTH.SE
Client: mem at STACKEN.KTH.SE
Ticket etype: aes256-cts-hmac-sha1-96, kvno 1
Ticket length: 325
Auth time: May 30 21:22:00 2010
End time: May 31 07:22:00 2010
Ticket flags: forwardable, proxiable, initial, pre-authenticated
Addresses: addressless
Server: host/gustavskorv.stacken.kth.se at STACKEN.KTH.SE
Client: mem at STACKEN.KTH.SE
Ticket etype: des-cbc-crc, kvno 2
Ticket length: 316
Auth time: May 30 21:22:00 2010
Start time: May 30 21:22:27 2010
End time: May 31 07:22:00 2010
Ticket flags: pre-authenticated, transited-policy-checked
Addresses: addressless
Server: pop/brev.stacken.kth.se at STACKEN.KTH.SE
Client: mem at STACKEN.KTH.SE
Ticket etype: des-cbc-md5, kvno 2
Ticket length: 324
Auth time: May 30 21:22:00 2010
Start time: May 30 21:22:51 2010
End time: May 31 07:22:00 2010
Ticket flags: pre-authenticated, transited-policy-checked
Addresses: addressless
More information about the Stacken
mailing list