[419] in Kerberos-V5-bugs
Forwardable TGT problems
daemon@ATHENA.MIT.EDU (Derrick J. Brashear)
Wed Feb 2 16:18:29 1994
Date: Wed, 2 Feb 1994 16:16:42 -0500 (EST)
From: "Derrick J. Brashear" <db74+@andrew.cmu.edu>
To: krb5-bugs@MIT.EDU
Hi,
I've compiled Kerberos 5 beta 3 on my Sun 3 running SunOS 4.1.1.
The ISODE package I have came from athena-dist, also.
Everything works, with the exception of forwardable TGTs. I had made a
few modifications (to where the ticket cache would be by default written)
but I got fresh source and recompiled when I encountered these problems.
I modified krlogind.c slightly so I could see what the problem was:
diff krlogind.c krlogind.c.orig
160d159
< #include <com_err.h>
1518,1519c1517
< com_err("rlogind", status, "while getting forwarded creds.");
< /*fatal(netf, "Can't get forwarded credentials");*/
---
> fatal(netf, "Can't get forwarded credentials");
Here's what happens:
I become user "guest" on my machine.
/krb5/bin/kinit -f shadow
Password for shadow@DEMENTIA.CMU.EDU: xxxx
/krb5/bin/k5list -f
Ticket cache: /ticket/krb5cc_13
Default principal: shadow@DEMENTIA.CMU.EDU
Valid starting Expires Service principal
2-Feb-94 16:12:36 3-Feb-94 13:27:36 krbtgt/DEMENTIA.CMU.EDU@DEMENTIA.CMU.EDU
Flags: FI
User "shadow"'s UID is 17985... and "shadow"'s .k5login file is:
db74@ANDREW.CMU.EDU
shadow@DEMENTIA.CMU.EDU
shadow@CLUB.CC.CMU.EDU
root@DEMENTIA.CMU.EDU
I then invoke rlogin:
/krb5/bin/rlogin -f alycia -k DEMENTIA.CMU.EDU -l shadow
logind: isode: unacceptable combination of options while getting forwarded creds.
(and rlogin fails since I returned an error... normally it would just fail
with a cryptic message)
Can you offer any insight into what the problem might be?
Thanks,
Derrick Brashear
db74@andrew.cmu.edu; shadow@alycia.andrew.cmu.edu
