[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
afslog doesn't give tokens
our site has now firewall installed. krb4 has been moved to krb5
(heimdal) ... I can get my tickets using kinit:
Credentials cache: FILE:/tmp/krb5cc_0
Issued Expires Principal
May 3 10:25:58 May 3 11:23:50 krbtgt/NATUR.CUNI.CZ@NATUR.CUNI.CZ
May 3 10:25:58 May 3 11:23:50 afs@NATUR.CUNI.CZ
May 3 10:26:07 May 3 11:23:50 afs/natur.cuni.cz@NATUR.CUNI.CZ
Tokens held by the Cache Manager:
--End of list--
Running afslog while capturinh data by tcpdump, I see connections to port
4444 (udp) on KDC. What services is that and which ports are required for
the reply from KDC back to client through firewall? I didn't configure
the KDC server, but I believe it's not compiled in krb4 nor kaserver mode.
11:17:17.559537 IP client.natur.cuni.cz.35441 > kdc.natur.cuni.cz.4444: UDP, length: 252
Do we have to regenerate afs keys?
Does the client have to have regenerated rcmd host key?
Yes, it's IP address has changed.
Martin Mokrejs <email@example.com>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs