Roy Marples
2008-10-25 15:27:38 UTC
Hi List
I've installed NetBSD-4.99.73 on an AMD64 server, correctly configured
as an IPv4 and IPv6 gateway.
As Heimdal comes in the base system, I played around a little and have
it working sweet except for one details - kerberos fails over IPv6
$ telnet -ax ip6.marples.name
Trying fee1::209:5bff:fe84:887d...
Connected to ip6.marples.name.
Escape character is '^]'.
[ Trying KERBEROS5 ... ]
[ Kerberos V5 refuses authentication because Read req failed: Key table
entry not found ]
# ktutil l
FILE:/etc/krb5.keytab:
Vno Type Principal
1 des-cbc-md5 host/***@MARPLES.NAME
1 des-cbc-md4 host/***@MARPLES.NAME
1 des-cbc-crc host/***@MARPLES.NAME
1 aes256-cts-hmac-sha1-96 host/***@MARPLES.NAME
1 des3-cbc-sha1 host/***@MARPLES.NAME
1 arcfour-hmac-md5 host/***@MARPLES.NAME
$ host ip6.marples.name
ip6.marples.name has IPv6 address fee1::209:5bff:fe84:887d
$ host fee1::209:5bff:fe84:887d
d.7.8.8.4.8.e.f.f.f.b.5.9.0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.1.e.e.f.ip6.arpa
domain name pointer ip6.marples.name.
Adding the principle host/fee1::209:5bff:fe84:887d then gives
[ Kerberos V5 refuses authentication because Read req failed: Decrypt
integrity check failed ]
Any ideas?
Worth filing a PR?
Thanks
Roy
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
I've installed NetBSD-4.99.73 on an AMD64 server, correctly configured
as an IPv4 and IPv6 gateway.
As Heimdal comes in the base system, I played around a little and have
it working sweet except for one details - kerberos fails over IPv6
$ telnet -ax ip6.marples.name
Trying fee1::209:5bff:fe84:887d...
Connected to ip6.marples.name.
Escape character is '^]'.
[ Trying KERBEROS5 ... ]
[ Kerberos V5 refuses authentication because Read req failed: Key table
entry not found ]
# ktutil l
FILE:/etc/krb5.keytab:
Vno Type Principal
1 des-cbc-md5 host/***@MARPLES.NAME
1 des-cbc-md4 host/***@MARPLES.NAME
1 des-cbc-crc host/***@MARPLES.NAME
1 aes256-cts-hmac-sha1-96 host/***@MARPLES.NAME
1 des3-cbc-sha1 host/***@MARPLES.NAME
1 arcfour-hmac-md5 host/***@MARPLES.NAME
$ host ip6.marples.name
ip6.marples.name has IPv6 address fee1::209:5bff:fe84:887d
$ host fee1::209:5bff:fe84:887d
d.7.8.8.4.8.e.f.f.f.b.5.9.0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.1.e.e.f.ip6.arpa
domain name pointer ip6.marples.name.
Adding the principle host/fee1::209:5bff:fe84:887d then gives
[ Kerberos V5 refuses authentication because Read req failed: Decrypt
integrity check failed ]
Any ideas?
Worth filing a PR?
Thanks
Roy
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de