On 11.11.2009, at 17:08, Broekman, Maarten wrote: > I have Kerberos configured on my hosts and I want to enable GSSFTP. I > can get it to work on the "primary" hostname of this set of servers, but > not on a secondary (eth0:0) interface. This particular set of servers > are a cluster and have a floating IP between them. I have Kerberos host > principals configured for both the primary and secondary hostnames of > the servers and they are in the keytab file (I can see them with klist), > but when I connect to the secondary hostname I get a GSSAPI error: > > 334 Using authentication type GSSAPI; ADAT must follow > GSSAPI accepted as authentication type > GSSAPI error major: Unspecified GSS failure. Minor code may provide > more information > GSSAPI error minor: Unknown code krb5 144 > GSSAPI error: accepting context > GSSAPI ADAT failed > GSSAPI authentication failed > > Connections to the primary hostname work: > 334 Using authentication type GSSAPI; ADAT must follow > GSSAPI accepted as authentication type > GSSAPI authentication succeeded > > Looking at the Kerberos error code though, it says that 144 is "Wrong > principal in request". Anyone have an idea on what needs to be done to > get this working? > > Thanks, > Maarten > Can you resolv your secound hostname where you have the secound principal? Thomas -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
