[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
krb4 ticket not accepted
Hi,
why isn't the user allowed to login when $HOME/.klogin contains
his krb4 syntaxed name mokrejs@REALM? Using /usr/athena/bin/telnet works or
specifiying mokrejs@REALM in $HOME/.k5login works too. But no $HOME/.klogin
while no $HOME/.k5login exists.
BTW: Heimdal's telnetd manpage does not list the $HOME/.k5login.
root@kulan:/scratch/heimdal-0.6-20031118# /usr/heimdal/bin/telnet -l bioadmin kulan
Encryption is verbose
Trying xxx.xxx.xxx.xxx...
Connected to kulan.cellname.
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Trying mutual KERBEROS5 (host/kulan.cellname@REALM)... ]
[ Kerberos V5 refuses authentication because user `mokrejs@REALM' is not authorized to login as `bioadmin' ]
[ Trying KERBEROS5 (host/kulan.cellname@REALM)... ]
[ Kerberos V5 refuses authentication because user `mokrejs@REALM' is not authorized to login as `bioadmin' ]
[ Trying mutual KERBEROS4 (rcmd.kulan@REALM) ... ]
[ Kerberos V4 accepts you ]
[ Kerberos V4 challenge successful ]
[ Output is now encrypted with type DES_CFB64 ]
[ Input is now decrypted with type DES_CFB64 ]
Encryption negotiated.
Debian GNU/%s testing/unstable %h
*** Connection not encrypted! Communication may be eavesdropped. ***
User not authenticated. Using plaintext username and password
login: Connection closed by foreign host.
root@kulan:/scratch/heimdal-0.6-20031118# /usr/athena/bin/telnet -l bioadmin kulan
Trying xxx.xxx.xxx.xxx...
Connected to kulan.cellname.
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Trying mutual KERBEROS4 (rcmd.kulan@REALM) ... ]
[ Kerberos V4 accepts you ]
[ Kerberos V4 challenge successful ]
Encryption negotiated.
Debian GNU/%s testing/unstable %h
bioadmin@kulan:~$
Connection closed by foreign host.
root@kulan:/scratch/heimdal-0.6-20031118# klist
Credentials cache: FILE:/tmp/krb5cc_0
Principal: mokrejs@REALM
Issued Expires Principal
Nov 18 18:15:40 Nov 19 04:15:40 krbtgt/REALM@REALM
Nov 18 18:15:40 Nov 19 04:15:40 krbtgt/REALM@REALM
Nov 18 18:15:46 Nov 19 04:15:40 ftp/kulan.cellname@REALM
Nov 18 18:16:28 Nov 19 04:15:40 host/kulan.cellname@REALM
V4-ticket file: /tmp/tkt0
Principal: mokrejs@REALM
Issued Expires Principal
Nov 18 18:15:40 Nov 19 04:15:40 krbtgt.REALM@REALM
Nov 18 18:16:28 Nov 19 04:16:28 rcmd.kulan@REALM
root@kulan:/scratch/heimdal-0.6-20031118#
--
Martin Mokrejs <mmokrejs@natur.cuni.cz>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs