[877] in Kerberos
Kerberos Difficulties
daemon@ATHENA.MIT.EDU (Steve Lunt)
Thu Feb 22 15:19:26 1990
From: ctt.bellcore.com!lunt@BELLCORE.BELLCORE.COM (Steve Lunt)
To: kerberos@ATHENA.MIT.EDU
I have been having some weird problems in attempting to bring Kerberos
up on my network. I cannot change my password using the kpasswd facility.
Below is the error message:
-------------------------------------------------------------------------------
$ /usr/athena/klist
Ticket file: /tmp/tkt338
Principal: lunt@CTT.BELLCORE.COM
Issued Expires Principal
Feb 22 14:14:07 Feb 22 19:14:07 krbtgt.CTT.BELLCORE.COM@CTT.BELLCORE.COM
$ /usr/athena/kpasswd
Old password for lunt:
lrealm is CTT.BELLCORE.COM
krb_udp_port is 60930
Getting host entry for dduck.ctt.bellcore.com...Got it.
Sending message to 128.96.128.63...Sent
Waiting for reply...received packet from 128.96.128.63
Received it
Clen is 120
New Password for lunt:
Verifying, please re-enter New Password for lunt:
./kpasswd: Could not connect to server attempting to change password.
Password NOT changed.
-------------------------------------------------------------------------------
Do you know what is wrong here? I was able to get a ticket from the Kerberos
server (as evidenced from the output of klist), but kpasswd seems not to be
able to connect to that server. Is there some other server I need to define
somewhere?
I have also found several other inadequacies with Kerberos:
1. The operation guide neglected to inform me that, apparently (after pouring
through source code), you need to create a "changepw" principal via kdb_edit
in order to use kpasswd. The error message caused by this was not
indicative of the problem.
2. There is no utility to list all entries in the Kerberos master database (a
sort of /usr/etc/kdb_list). I have written one, using kdb_edit and
kdb_util as models.
3. There is no utility to delete an entry from the Kerberos master database (a
sort of /usr/etc/kdb_del).
-- Steve
Steven J. Lunt RRC-1K227B
Computer Security Technology 444 Hoes Lane
Bellcore Piscataway, NJ 08854
lunt@ctt.bellcore.com (201) 699-4244
