[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#622146: nfs-kernel-server: error Encryption type not permitted

"Kramarenko A. Maxim" <mc-sim85@ya.ru> writes:

> P.S. But kinit gets the same ticket from KDC? Or kinit does not use the
> kernel and uses the tools of userland-level?

The NFS server, client, and KDC all have to agree on a single encryption
type, and the encryption type of the service ticket issued by the KDC to
the client has to be in an encryption type that the NFS server supports.

> root@debian:~# klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: nfs/debian.sag.local@SAG.LOCAL

> Valid starting     Expires            Service principal
> 11/14/11 22:51:28  11/15/11 08:51:36  krbtgt/SAG.LOCAL@SAG.LOCAL
>         renew until 11/15/11 22:51:28

It would be more interesting to run klist -e after attempting to contact
the server, so that you can see what the encryption type of the service
ticket for the NFS server was.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: