[3492] in Kerberos
Re: v5 with v4 clients (srvtab question/problem)
daemon@ATHENA.MIT.EDU (Chris Liebman)
Wed Jun 29 09:00:53 1994
To: kerberos@MIT.EDU
Date: 28 Jun 1994 19:25:53 GMT
From: liebman@zod.com (Chris Liebman)
>>>>> "Paul" == Paul Pomes <p-pomes@mirage.cso.uiuc.edu> writes:
In article <2upobm$a8r@vixen.cso.uiuc.edu> p-pomes@mirage.cso.uiuc.edu (Paul Pomes) writes:
Paul> liebman@zod.com (Chris Liebman) writes:
>> Hi, I have v5 compiled and working on SunOS 4.1.3. I have
>> "host" login service enabled (rlogin) and this works fine for
>> v5 clients. When I try to use an v4 rlogin client I get an
>> error that rlogin service is not available. v5 is compiled with
>> the v4 compatibility and I can use the v4 kinit and friends.
>> What is the trick in generating a srvtab that will allow logins
>> from v4 clients?
Paul> You'll need to add a service key with the unqualified
Paul> hostname as the instance. With kdb5_edit:
Paul> ask rcmd/zod@CLARK.NET crk rcmd/zod@CLARK.NET xst4
Paul> zod@CLARK.NET rcmd
Paul> Then copy the file produced to /etc/srvtab on zod.
Just tried that. Here is the detail:
kdb5_edit: del rcmd/zod@ZOD.COM
Are you sure you want to delete 'rcmd/zod@ZOD.COM'?
Type 'yes' to confirm:yes
OK, deleting 'rcmd/zod@ZOD.COM'
WARNING: Be sure to take 'rcmd/zod@ZOD.COM' off all access control lists
before reallocating the name
kdb5_edit: ask rcmd/zod@CLARK.NET
kdb5_edit: Unknown request "ask". Type "?" for a request list.
kdb5_edit: ark rcmd/zod@CLARK.NET
kdb5_edit: crk rcmd/zod@CLARK.NET
kdb5_edit: xst4 zod@CLARK.NET rcmd
'rcmd/zod@CLARK.NET' added to V4 srvtab 'zod@CLARK.NET-new-v4-srvtab'
kdb5_edit: quit
15:18:20 zod:root(144)% mv zod@CLARK.NET-new-v4-srvtab /etc/srvtab
Then from remote machine:
15:19:40 explorer:liebman(301)% rlogin zod.com
rlogin: Host zod.com isn't registered for Kerberos rlogin service
trying normal rlogin (/usr/ucb/rlogin)
s/key 35 zo64009
(s/key required)
Password: (turning echo on)
Password:
Login incorrect
login: Connection closed.
and in syslog:
Jun 28 15:19:42 zod krb5kdc[77]: PROCESS_V4:UNKNOWN "rcmd" "zod"
Jun 28 15:19:42 zod krlogind[24846]: Authentication failed from clark.net: Software caused connection abort
Jun 28 15:19:42 zod krlogind[24846]: Kerberos authentication failed
Any ideas? (hair falling off head onto floor :^)
-- Chris
--
Chris Liebman Work Home
E-Mail: liebman@xrxedds.com liebman@zod.com
Phone: 1-703-787-2032 1-703-830-1641
