Re: GSSFTP / Kerberos question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> 
>>> more information
>>> GSSAPI error minor: Unknown code krb5 144
>>> GSSAPI error: accepting context
>>> GSSAPI ADAT failed
>>> GSSAPI authentication failed
>>> 
>>> Connections to the primary hostname work:
>>> 334 Using authentication type GSSAPI; ADAT must follow
>>> GSSAPI accepted as authentication type
>>> GSSAPI authentication succeeded
>>> 
>>> Looking at the Kerberos error code though, it says that 144 is
> "Wrong
>>> principal in request".  Anyone have an idea on what needs to be
> done to
>>> get this working?
>>> 
>>> Thanks,
>>> Maarten
>>> 
>> 
>> 
>> Can you resolv your secound hostname where you have the secound
>> principal?
>> 
>> Thomas
> 
> Yes.  DNS is functioning properly and I can log in with my password, but
> not via GSSAPI.  I've also tried putting the extra_addresses and
> scan_interfaces options in my krb5.conf but that hasn't helped either.
> 
> Could this be a routing issue?  My default route points out the primary
> hostname interface.  There are no specific routes for the secondary
> hostname though.

I think your first and secound ip is in the same subnet for that you need the same default gateway.

There are to princs like:

ftp/foo1.bar.com
ftp/foo2.bar.com

and

host/foo1.bar.com
host/foo2.bar.com

Maybe you can try GSS with ssh login for hostname1 and hostname2.
Or something selinux missing?

Thomas


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux