[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

afslog doesn't give tokens

To: heimdal-discuss@sics.se
Subject: afslog doesn't give tokens
From: Martin MOKREJŠ <mmokrejs@natur.cuni.cz>
Date: Mon, 3 May 2004 11:24:22 +0200 (CEST)
Sender: owner-heimdal-discuss@sics.se

Hi,
  our site has now firewall installed. krb4 has been moved to krb5
(heimdal) ... I can get my tickets using kinit:

# /usr/heimdal/bin/klist
Credentials cache: FILE:/tmp/krb5cc_0
        Principal: mmokrejs@NATUR.CUNI.CZ

  Issued           Expires          Principal
May  3 10:25:58  May  3 11:23:50  krbtgt/NATUR.CUNI.CZ@NATUR.CUNI.CZ
May  3 10:25:58  May  3 11:23:50  afs@NATUR.CUNI.CZ
May  3 10:26:07  May  3 11:23:50  afs/natur.cuni.cz@NATUR.CUNI.CZ
# /usr/afs/bin/tokens

Tokens held by the Cache Manager:

   --End of list--
#

Running afslog while capturinh data by tcpdump, I see connections to port
4444 (udp) on KDC. What services is that and which ports are required for
the reply from KDC back to client through firewall? I didn't configure
the KDC server, but I believe it's not compiled in krb4 nor kaserver mode.


11:17:17.559537 IP client.natur.cuni.cz.35441 > kdc.natur.cuni.cz.4444: UDP, length: 252


Do we have to regenerate afs keys?

Does the client have to have regenerated rcmd host key?
Yes, it's IP address has changed.

TIA
-- 
Martin Mokrejs <mmokrejs@natur.cuni.cz>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs

Follow-Ups:
- Re: afslog doesn't give tokens
  - From: joda@pdc.kth.se (Johan Danielsson)

Next by Date: Re: afslog doesn't give tokens
Next by thread: Re: afslog doesn't give tokens
Index(es):
- Date
- Thread