[8770] in Info-AFS_Redistribution
Re: Openssh on solaris 2.5.1
daemon@ATHENA.MIT.EDU (Peter Scott)
Wed Dec 12 21:43:24 2001
Message-Id: <4.3.2.7.2.20011212183705.00b59100@mail2a.jpl.nasa.gov>
Date: Wed, 12 Dec 2001 18:38:51 -0800
To: "Douglas E. Engert" <deengert@anl.gov>
From: Peter Scott <Peter.J.Scott@jpl.nasa.gov>
Cc: info-afs@transarc.com
In-Reply-To: <3C180EDD.B6D6CF5@anl.gov>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 08:13 PM 12/12/01 -0600, Douglas E. Engert wrote:
>Does /etc/services have 750 defined?
Yes, but as "kerberos", not "kerberos-iv", which is apparently what it was
looking for. However, it said it was using the default port of 750 and
snoop showed it did, so I imagine this is a case of calling getservbyname()
and falling back to a default in a header file.
>Peter Scott wrote:
> >
> > At 09:16 PM 12/12/01 +0100, Harald Barth wrote:
> >
> > > > Client machine 'grimble' sends packet that includes the kerberos
> realm and
> > > > "rcmd.grimble' (all else is binary).
> > > > Server sends response that includes username, part of realm (last
> > > component
> > > > is missing), and text "code = 8: Exec format er"
> > >
> > >Part of realm? This response looks fishy. What kind and version of
> > >kdc do you use? Have you tested another one?
> >
> > It's the AFS kdc - 'kerberos' is an alias for our primary authentication
> > server. This worked for the gettoken utility, so I wasn't expecting any
> > more problems. However, I notice that whenever I login via the existing
> > SSH1 sshd, or whenever I do a klog, that there is no traffic there on port
> > 750, only on 7002/7004. I'm still missing a piece of the puzzle.
--
Peter Scott
Peter.J.Scott@jpl.nasa.gov
