[448] in Kerberos-V5-bugs
[gildea@x.org: kerberos problems]
daemon@ATHENA.MIT.EDU (hoffmann@MIT.EDU)
Sat Apr 2 18:07:26 1994
From: hoffmann@MIT.EDU
Date: Sat, 2 Apr 94 18:07:14 -0500
To: krb5-bugs@MIT.EDU
Cc: jon@security.ov.com, tom@MIT.EDU, gildea@x.org
I got the following from Stephen Gildea from the X Consortium:
====
To: hoffmann@MIT.EDU
Subject: kerberos problems
Date: Sat, 02 Apr 1994 11:45:19 EST
From: Stephen Gildea <gildea@x.org>
Hey, can you help me with a Kerberos problem? I'm trying to test
Kerberos for X11R6. I sent mail to Ted and Tom, but no response yet.
And we have a deadline coming up.
I'm using the MIT KDC. When I my X clients try to get credentials to
hand to the X server, they get an error packet back. I've no clue;
this used to work. The error message is useless: "Generic error".
Is there some logging on the TGS end you can examine to see why my
requests are being rejected?
< Stephen
=====
In examining the logs, I found the following:
Apr 2 17:44:54 fmult krb5kdc[13867]: AS_REQ: ISSUE: authtime 765326694, host 198.112.45.51, gildea@ATHENA.MIT.EDU for krbtgt/ATHENA.MIT.EDU@ATHENA.MIT.EDU
Apr 2 17:45:03 fmult krb5kdc[13867]: TGS_REQ: PROCESS_TGS: authtime 765326691,host 198.112.45.51, <unknown client> for gildea@ATHENA.MIT.EDU, Generic unknownRC/IO error
Apr 2 17:45:03 fmult krb5kdc[13867]: TGS_REQ: PROCESS_TGS: authtime 765326691,host 198.112.45.51, <unknown client> for gildea@ATHENA.MIT.EDU, Generic unknownRC/IO error
Apr 2 17:45:05 fmult krb5kdc[13867]: TGS_REQ: PROCESS_TGS: authtime 765326691,host 198.112.45.51, <unknown client> for gildea@ATHENA.MIT.EDU, Generic unknownRC/IO error
Apr 2 17:45:11 fmult krb5kdc[13867]: TGS_REQ: PROCESS_TGS: authtime 765326691,host 198.112.45.51, <unknown client> for gildea@ATHENA.MIT.EDU, Generic unknownRC/IO error
Apr 2 17:45:11 fmult krb5kdc[13867]: TGS_REQ: PROCESS_TGS: authtime 765326691,host 198.112.45.51, <unknown client> for gildea@ATHENA.MIT.EDU, Generic unknownRC/IO error
Apr 2 17:45:11 fmult krb5kdc[13867]: TGS_REQ: PROCESS_TGS: authtime 765326691,host 198.112.45.51, <unknown client> for gildea@ATHENA.MIT.EDU, Generic unknownRC/IO error
Apr 2 17:45:21 fmult krb5kdc[13867]: TGS_REQ: PROCESS_TGS: authtime 765326691,host 198.112.45.51, <unknown client> for gildea@ATHENA.MIT.EDU, Generic unknownRC/IO error
Apr 2 17:45:21 fmult krb5kdc[13867]: TGS_REQ: PROCESS_TGS: authtime 765326691,host 198.112.45.51, <unknown client> for gildea@ATHENA.MIT.EDU, Generic unknownRC/IO error
Evidently getting the ticket was working but the user/user
auth wasn't.
Tom Coppeto had the idea to restart the server, after which
things appeared to work:
Apr 2 17:53:54 fmult krb5kdc[28965]: AS_REQ: ISSUE: authtime 765327234, host 198.112.45.51, gildea@ATHENA.MIT.EDU for krbtgt/ATHENA.MIT.EDU@ATHENA.MIT.EDU
Apr 2 17:54:03 fmult krb5kdc[28965]: TGS_REQ: ISSUE: authtime 765327234, host 198.112.45.51, gildea@ATHENA.MIT.EDU for gildea@ATHENA.MIT.EDU
Clearly something had gotten a little rotten.
-Ron
ps. this was the server on kerberos-2.mit.edu (fmult). -rmh
