On Sun, Mar 30, 2014 at 01:45:13PM +0000, Mike Gabriel wrote: > On Sa 15 Mär 2014 11:31:12 CET, Wolfgang Schweer wrote: > >On Wed, Mar 12, 2014 at 05:53:40PM +0900, nigel barker wrote: > >>Mar 12 17:42:35 ws30 rpc.gssd[2033]: ERROR: Key table file > >>'/etc/krb5.keytab' not found while beginning keytab scan for keytab > >>'FILE:/etc/krb5.keytab' Mar 12 17:42:35 ws30 rpc.gssd[2033]: ERROR: > >>gssd_refresh_krb5_machine_credential: no usable keytab entry found > >>in keytab /etc/krb5.keytab for connection with host tjener.intern > >>Mar 12 17:42:35 ws30 rpc.gssd[2033]: ERROR: No credentials found for > >>connection to server tjener.intern > > > >Looks like the krb5_machine_credential is required. > > > >This worked for me in a virtual box test environment (ltspserver01 > >running with bpo kernel 3.12): > > > >(1) As root on tjener execute kadmin to create Kerberos machine account > >(enter root pw when prompted): > > > >kadmin: ank -randkey host/ltspserver01.intern$ > >kadmin: ank -randkey nfs/ltspserver01.intern$ > >kadmin: ktadd -randkey host/ltspserver01.intern$ > >kadmin: ktadd -randkey host/ltspserver01.intern$ > >kadmin: q > > [..] > >I guess this might be an issue for d-e jessie... > > Ohooooh... This will become quite a problem on diskless workstations > (that naturally do not have per-machine unique machine credentials). On _diskless_ workstations, sshfs is used by default for mounting a users's home dir. So IMO there won't be a problem. Wolfgang
Attachment:
signature.asc
Description: Digital signature