Hello, I cannot find a similar report, so maybe I am doing something wrong, so I kindly ask if someone could give me a hint. I am not subscribed to the list, so please at least CC me in reply. Since the update to krb5-1.7 in sid I cannot authenticate to services anymore. KDCs I tried are the ones from krb5 1.6 & 1.7 and Win2k3 AD. To get a reproducible setup I installed a small krb5 1.7 kdc environment. To check if I can get a TGT I did the following as root on the kdc: # kinit root/admin Password for root/admin@HOME.LAN: # klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: root/admin@HOME.LAN Valid starting Expires Service principal 05/21/09 11:24:04 05/21/09 21:24:04 krbtgt/HOME.LAN@HOME.LAN renew until 05/22/09 11:24:01 So this works as expected, I think. Now I do this: # kadmin Authenticating as principal root/admin@HOME.LAN with password. Password for root/admin@HOME.LAN: kadmin: GSS-API (or Kerberos) error while initializing kadmin interface There are other examples like ssh auth using gss-api and nfs4, all stopped working when I upgraded the client's krb5-packages to 1.7-xxx. Latest krb5 version I tried is 1.7dfsg~beta2-4. Downgrading the client to 1.6.dfsg.4~beta1-13 (from testing) fixes the problems. System is Debian/Sid amd64 from May 21, 2009. -- --------------------------------------- Malte Schröder MalteSch@gmx.de ICQ# 68121508 ---------------------------------------
Attachment:
signature.asc
Description: PGP signature