[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

krb4 ticket not accepted

To: heimdal-discuss@sics.se
Subject: krb4 ticket not accepted
From: Martin MOKREJŠ <mmokrejs@natur.cuni.cz>
Date: Tue, 18 Nov 2003 18:30:28 +0100 (CET)
In-Reply-To: <amn0azkjb5.fsf@nutcracker.stacken.kth.se>
References: <3FB3D29A.2040202@alcatel.com> <amn0azkjb5.fsf@nutcracker.stacken.kth.se>
Sender: owner-heimdal-discuss@sics.se

Hi,
  why isn't the user allowed to login when $HOME/.klogin contains
his krb4 syntaxed name mokrejs@REALM? Using /usr/athena/bin/telnet works or
specifiying mokrejs@REALM in $HOME/.k5login works too. But no $HOME/.klogin
while no $HOME/.k5login exists.

BTW: Heimdal's telnetd manpage does not list the $HOME/.k5login.


root@kulan:/scratch/heimdal-0.6-20031118# /usr/heimdal/bin/telnet -l bioadmin kulan
Encryption is verbose
Trying xxx.xxx.xxx.xxx...
Connected to kulan.cellname.
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Trying mutual KERBEROS5 (host/kulan.cellname@REALM)... ]
[ Kerberos V5 refuses authentication because user `mokrejs@REALM' is not authorized to login as `bioadmin' ]
[ Trying KERBEROS5 (host/kulan.cellname@REALM)... ]
[ Kerberos V5 refuses authentication because user `mokrejs@REALM' is not authorized to login as `bioadmin' ]
[ Trying mutual KERBEROS4 (rcmd.kulan@REALM) ... ]
[ Kerberos V4 accepts you ]
[ Kerberos V4 challenge successful ]
[ Output is now encrypted with type DES_CFB64 ]
[ Input is now decrypted with type DES_CFB64 ]
Encryption negotiated.
                      Debian GNU/%s testing/unstable %h

*** Connection not encrypted! Communication may be eavesdropped. ***
User not authenticated. Using plaintext username and password
login: Connection closed by foreign host.
root@kulan:/scratch/heimdal-0.6-20031118# /usr/athena/bin/telnet -l bioadmin kulan
Trying xxx.xxx.xxx.xxx...
Connected to kulan.cellname.
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Trying mutual KERBEROS4 (rcmd.kulan@REALM) ... ]
[ Kerberos V4 accepts you ]
[ Kerberos V4 challenge successful ]
Encryption negotiated.
Debian GNU/%s testing/unstable %h
bioadmin@kulan:~$
Connection closed by foreign host.
root@kulan:/scratch/heimdal-0.6-20031118# klist
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: mokrejs@REALM

  Issued           Expires          Principal
Nov 18 18:15:40  Nov 19 04:15:40  krbtgt/REALM@REALM
Nov 18 18:15:40  Nov 19 04:15:40  krbtgt/REALM@REALM
Nov 18 18:15:46  Nov 19 04:15:40  ftp/kulan.cellname@REALM
Nov 18 18:16:28  Nov 19 04:15:40  host/kulan.cellname@REALM

   V4-ticket file: /tmp/tkt0
        Principal: mokrejs@REALM

  Issued           Expires          Principal
Nov 18 18:15:40  Nov 19 04:15:40  krbtgt.REALM@REALM
Nov 18 18:16:28  Nov 19 04:16:28  rcmd.kulan@REALM
root@kulan:/scratch/heimdal-0.6-20031118#




-- 
Martin Mokrejs <mmokrejs@natur.cuni.cz>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs

Follow-Ups:
- Re: krb4 ticket not accepted
  - From: Andreas Haupt <ahaupt@ifh.de>
- Re: krb4 ticket not accepted
  - From: joda@pdc.kth.se (Johan Danielsson)

References:
- how to forward tickets
  - From: Sujeevan Rasaratnam <sujeevan.rasaratnam@alcatel.com>
- Re: how to forward tickets
  - From: Love <lha@stacken.kth.se>

Prev by Date: Re: Tru64 Unix 4.0f and Heimdal v0.6 compile trouble.
Next by Date: Re: trouble with forwarded tgt from windows client
Prev by thread: Re: how to forward tickets
Next by thread: Re: krb4 ticket not accepted
Index(es):
- Date
- Thread