[29840] in Kerberos
Re: Solaris 10, secure nfs, permission denied
daemon@ATHENA.MIT.EDU (Jeff Blaine)
Thu May 15 13:52:58 2008
Message-ID: <482C7850.5010009@kickflop.net>
Date: Thu, 15 May 2008 13:52:16 -0400
From: Jeff Blaine <jblaine@kickflop.net>
MIME-Version: 1.0
To: Kevin Coffman <kwc@citi.umich.edu>
In-Reply-To: <4d569c330805151048t7a3e5ad6x1857ba53feeaa8e3@mail.gmail.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
> It looks like maybe you tried to hide some details, but didn't get
> them all? Does your real DNS domain match your REALM name? If not,
> does your krb5.conf (/etc/krb5/krb5.conf) properly map the hosts'
> domain(s) to your realm?
Yes *sigh* :( Everything works properly outside of this
particular krb5 usage. The realm is all set up and working fine
otherwise.
I just wasn't careful enough with my email sanitization.
> BTW, there is no need to limit Solaris 10 hosts to DES-only keys.
> That is a current Linux limitation. As long as your Solaris server
> has a DES key (along with keys for stronger enctypes), the Linux
> client should be able to negotiate the correct DES enctype. Solaris
> 10 servers and clients can handle the stronger encryption types.
Good to know for when I get past this problem. Thanks.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
