kerberos implementations compatibility
Kevin Coffman
kwc at citi.umich.edu
Tue Mar 20 12:32:43 EDT 2007
> Interesting. So you had to use the Heimdal kadmin to create the
> keytab, correct? What do you get from 'klist -e -k' on the server?
> The salt type _shouldn't_ be a factor here since it should only be
> used to translate string-to-key. A packet trace from the client
> capturing the packets from it to the KDC and the NFS server would be
> helpful also.
Sorry, I somehow missed the part that this error was when starting up
rpc.gssd. 'klist -e -k' output on the _client_ would be useful, as
well as any exchange it has with the KDC. i.e. does it get a TGT? If
so, what enctypes are used there? ("klist -e -c <client cred cache
name>")
Also, what enctypes are supported by the Heimdal KDC vs. the MIT KDC.
K.C.
More information about the NFSv4
mailing list