[30537] in Kerberos
Re: Kerberos auth based on ticket
daemon@ATHENA.MIT.EDU (Russ Allbery)
Mon Dec 15 20:08:41 2008
To: Mathew Rowley <mathew_rowley@cable.comcast.com>
In-Reply-To: <C56C4AA7.4F7C%mathew_rowley@cable.comcast.com> (Mathew Rowley's
message of "Mon\, 15 Dec 2008 17\:55\:51 -0700")
From: Russ Allbery <rra@stanford.edu>
Date: Mon, 15 Dec 2008 17:07:53 -0800
Message-ID: <877i61x6za.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Mathew Rowley <mathew_rowley@cable.comcast.com> writes:
> **Shows that there is a ticket
> [mrowley@ipa01 ~]$ klist
> Ticket cache: FILE:/tmp/krb5cc_502_WaiNgJ
> Default principal: mrowley@IPA.COMCAST.COM
>
> Valid starting Expires Service principal
> 12/15/08 19:52:10 12/16/08 05:52:10 krbtgt/IPA.COMCAST.COM@IPA.COMCAST.COM
> renew until 12/15/08 19:52:10
You have no service ticket for the host, so GSSAPI authentication was
never even attempted by the client.
ssh -vvv may help in figuring out why that's the case.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
