[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Heimdal <-> MIT 1.1.1
Fabrizio Manfredi <vipi@fastflowsrl.com> writes:
> Hi all,
Hello.
> I can' connect with telnet from heimdal
> to a MIT Krb5 (1.1.1) telnetd, i get the ticket from
> MIT Kdc but when a try to connect i receive :
>
> [ Trying mutual KERBEROS5 ... ]
> Kerberos V5: mk_req failed (Generic error (see e-text))
> [ Trying KERBEROS5 ... ]
> Kerberos V5: mk_req failed (Generic error (see e-text))
This doesn't say very much.
> in the kdc.log i found
> (750): PROCESS_TGS: authtime 0, <unknown client> for host/pmair2.elet.polimi.it@ELET.POLIMI.IT, Encryption type not permitted
Hm, and it does not tell what encryption type is not permitted, I
assume?
> what i must to do ? ( i think set something in the krb5.conf)
You might try:
[libdefaults]
default_etypes = des-cbc-crc
or
[libdefaults]
default_etypes_des = des-cbc-crc
>
> Another small question
> when i try to use krb4 to telnet always on telnetd krb5
> i receive the message :
> [ Kerberos V4 refuses authentication because Can't decode authenticator (krb_rd_req) ]
> [ Trying KERBEROS4 ... ]
> [ Kerberos V4 refuses authentication because Can't decode authenticator (krb_rd_req) ]
>
> I clean and dump a lot of time the krb5.keytab , but nothing is change
Can you also try to dump and see what kind of encryption types you
have in krb5.keytab on the host running telnetd?
/assar