Hi everybody,
Could you help me to setup my new squid server? I have a problem with keytab authorization.
2022/11/16 11:35:39| ERROR: Negotiate Authentication validating user. Result: {result=BH, notes={message: gss_accept_sec_context() failed: Unspecified GSS failure. Minor code may provide more information. Cannot decrypt ticket for HTTP/uisproxy-rop.***.***.corp@***.***.CORP using keytab key for HTTP/uisproxy-rop.***.***.corp@***.**.CORP; }}
Got NTLMSSP neg_flags=0xe2088297
2022/11/16 11:35:40| ERROR: Negotiate Authentication validating user. Result: {result=BH, notes={message: gss_accept_sec_context() failed: Unspecified GSS failure. Minor code may provide more information. Cannot decrypt ticket for HTTP/uisproxy-rop.***.***.corp@***.***.CORP using keytab key for HTTP/uisproxy-rop.***.***.corp@***.***.CORP; }}
# kinit -V -k -t /etc/squid/keytab/uisproxy-rop-t.keytab HTTP/uisproxy-rop.***.***.corp
Using default cache: /tmp/krb5cc_0
Using principal: HTTP/uisproxy-rop.***.***.corp@***.***.CORP
Using keytab: /etc/squid/keytab/uisproxy-rop-t.keytab
Authenticated to Kerberos v5
# klist -ke /etc/squid/keytab/uisproxy-rop-t.keytab
Keytab name: FILE:/etc/squid/keytab/uisproxy-rop-t.keytab
KVNO Principal
---- --------------------------------------------------------------------------
3 uisproxy-rop-t$@***.***.CORP (arcfour-hmac)
3 uisproxy-rop-t$@***.***.CORP (aes128-cts-hmac-sha1-96)
3 uisproxy-rop-t$@***.***.CORP (aes256-cts-hmac-sha1-96)
3 UISPROXY-ROP-T$@***.***.CORP (arcfour-hmac)
3 UISPROXY-ROP-T$@***.***.CORP (aes128-cts-hmac-sha1-96)
3 UISPROXY-ROP-T$@***.***.CORP (aes256-cts-hmac-sha1-96)
3 HTTP/uisproxy-rop.***.***.corp@***.***.CORP (arcfour-hmac)
3 HTTP/uisproxy-rop.***.***.corp@***.***.CORP (aes128-cts-hmac-sha1-96)
3 HTTP/uisproxy-rop.***.***.corp@***.***.CORP (aes256-cts-hmac-sha1-96)
3 host/uisproxy-rop@***.***.CORP (arcfour-hmac)
3 host/uisproxy-rop@***.***.CORP (aes128-cts-hmac-sha1-96)
3 host/uisproxy-rop@***.***.CORP (aes256-cts-hmac-sha1-96)
# klist -kt
Keytab name: FILE:/etc/squid/keytab/uisproxy-rop-t.keytab
KVNO Timestamp Principal
---- ------------------- ------------------------------------------------------
3 11/16/2022 11:30:50 uisproxy-rop-t$@***.***.CORP
3 11/16/2022 11:30:50 uisproxy-rop-t$@***.***.CORP
3 11/16/2022 11:30:50 uisproxy-rop-t$@***.***.CORP
3 11/16/2022 11:30:50 UISPROXY-ROP-T$@***.***.CORP
3 11/16/2022 11:30:50 UISPROXY-ROP-T$@***.***.CORP
3 11/16/2022 11:30:50 UISPROXY-ROP-T$@***.***.CORP
3 11/16/2022 11:30:50 HTTP/uisproxy-rop.***.***.corp@***.***.CORP
3 11/16/2022 11:30:50 HTTP/uisproxy-rop.***.***.corp@***.***.CORP
3 11/16/2022 11:30:50 HTTP/uisproxy-rop.***.***.corp@***.***.CORP
3 11/16/2022 11:30:50 host/uisproxy-rop@***.***.CORP
3 11/16/2022 11:30:50 host/uisproxy-rop@***.***.CORP
3 11/16/2022 11:30:50 host/uisproxy-rop@***.***.CORP
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users