[38341] in Kerberos
mac heimmal / MIT server problem with 2FA
daemon@ATHENA.MIT.EDU (Charles Hedrick)
Wed Sep 26 11:43:43 2018
From: Charles Hedrick <hedrick@rutgers.edu>
To: "kerberos@mit.edu" <kerberos@mit.edu>
Date: Wed, 26 Sep 2018 15:43:16 +0000
Message-ID: <4BF5581F-EEB8-448F-9145-0716396CB1C3@rutgers.edu>
Content-Language: en-US
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-ID: <6849480FFF0A38448960AF2257285810@namprd14.prod.outlook.com>
MIME-Version: 1.0
X-OriginatorOrg: rutgers.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: c76faa87-d057-496c-8a39-08d623c6c67d
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Sep 2018 15:43:17.0116 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: b92d2b23-4d35-4470-93ff-69aca6632ffe
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR1401MB2036
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrLJsWRWlGSWpSXmKPExsWSoa/UpSu+cnW0wbnjYhbz1h9ldWD0aDpz
lDmAMYrLJiU1J7MstUjfLoEr41n/L5aCe+wVi492szUwHmHvYuTgkBAwkWieU9DFyMUhJPCV
SeLyoa9MXYycHCwC/cwSTYcUIBIzmCQu7trDBuE8Y5Q4OOMtM0gVm4C2xJkFG8FsEQFNiR/b
FrGC2MICRhLzn/QyQcTNJZ6enccOYetJrL94lQ1ig6rE3q8LwOp5Bewknt25DxZnFBCT+H5q
DVgvs4C4xK0n88FsCQEBiSV7zjND2KISLx//YwU5SEJgFqPEnU/t7BDNYRJ31r9hgSjSkTh7
/QkjhG0usXPPS6hmWYlL87sZIZoPsUtsODONCRIWvhK350tAxE8zSix++wNu0NYH/6CuKJRo
Xt7KCmFbS6x89QHKlpNY1fuQBaL5JrPE0a+/oIbKSEzbUwMRb2eTmHb6DNhQIYEUiVnnDzJN
YNSdheTTWUAtzMCQXL9LHyLsIdG24xg7hK0oMaX7IZjNKyAocXLmE5YFjKyrGGVTcqt0cxMz
c4pTk3WLkxPz8lKLdI31cjNL9FJTSjcxAhOJEKck3w7GSQ3ehxgFOBiVeHg3WK2KFmJNLCuu
zD3EKMnBpCTKq+CzOlqILyk/pTIjsTgjvqg0J7X4EKMEB7OSCO+dKUA53pTEyqrUonyYlDQH
i5I474SWxdFCAumJJanZqakFqUUwWSYO9kOMMhwcShK88iuAugWLUtNTK9Iyc0qQ1XCCbOAB
2pC3HGRDcUFibnFmOkT+FKMux5UznTOYhVjy8vNSpcR5V4MUCYAUZZTmwc2B5YJLjLJSwryM
DAwMQjxAhwD9jyr/ilEc6Hdh3skg5/Bk5pXAbXoFdAQT0BETelaAHFGSiJCSamDsPGjxZ9uc
w5LqFzQuGfPlpXYHxB8qWvIpNXfXrntz15p8Cy35/JTbX+3lBSOjb1u3LnaVu6ab77B74aPn
ImX2LntcVvdOa+isXD9RKuDXD52Qqj2vVZYlZ0id/BRgHvCx2XzH0mmHum1eevAdNr3DNvX8
OuW2PuGCivn8v5jKavliGxT9D3QrsRRnJBpqMRcVJwIANrxLEQAEAAA=
X-MIME-Autoconverted: from base64 to 8bit by PCH.mit.edu id w8QFhUTM000947
X-BeenThere: kerberos@mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
List-Id: The Kerberos Authentication System Mailing List <kerberos.mit.edu>
List-Unsubscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/kerberos>
List-Post: <mailto:kerberos@mit.edu>
List-Help: <mailto:kerberos-request@mit.edu?subject=help>
List-Subscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Sender: kerberos-bounces@mit.edu
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by menelaus.MIT.EDU id w8QFhhLf021600
Client: Mac Mojave
Server: IPA newest version
Command: /usr/bin/kinit --fast-armor-cache=FILE:/tmp/krb5cc_1003 hedrick
with KRB5_TRACE set, shows it is sending UDP packets to the server but getting no response.
tcpdump shows the packets, but there is no entry for the transaction in /var/log/krb5kdc.log
changing to tcp has no effect. tcpdump shows a connection is established, but krb5kdc.log doesn’t show it. The client says
failed to get nbytes from socket, no bytes there?: tcp 128.6.4.10:88 (krb2.cs.rutgers.edu) tid: 00000002
tcpdump shows the client opened a connection and sent 972 bytes. The server closed the connection.
An MIT Kerberos client installed through Macports works fine.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
