[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
0.4e Client Issues
I am having some difficulty getting kerberos client software to
authenticate against the KDC. My KDC is kdc1, and the client is client1 and
I have added principals for host/kdc1, ftp/kdc1, host/client1, ftp/client1
and a local principal for my login name (sean@REALM). I've tested this with
ftp and telnet, and I can successfully login to the kdc via telnet or ftp
from both the kdc, and client1. However, I have not been able to
successfully ftp or telnet from the kdc to the client, or from the client to
itself. I extracted the database from kadmin onto the client, ran the
correct daemons and whatnot, but when I try ftp'ing in, I get this error:
220 FTP server (Version 6.00+heimdal-0.4e) ready.
Error: expected ADAT in reply. got: 535 foo?
...and in the kdc log file I get:
2002-06-10T16:14:21 TGS-REQ sean@REALM from IPv4:<client ip> for
krbtgt/REALM@REALM [forwarded, forwardable]
2002-06-10T16:14:21 Bad request for forwardable ticket
2002-06-10T16:14:21 sending 150 bytes to IPv4:<client ip>
At which point it reverts to plaintext. If I try telnetting (with -D
options in inetd) from the client to the client, the only errror I really
see is "Authorization Failed", and nothing in the kdc log file which isn't
I am not certain what I'm missing here. I am able to get tickets, use
kadmin remotely, and generally get to the kdc, but I am obviously missing
something on the client side. The client documentation seems to be sorely
lacking, and I'd appreciate any help (expedient at best :) ) I could get.
If you need more info, feel free to email me.