Issue with Kerberos
Alan DeKok
aland at deployingradius.com
Fri Dec 21 16:21:19 CET 2012
Khapare Joshi wrote:
> I am testing Freeradius with kerberos. seems it is returning accept accept
...
> Fri Dec 21 15:05:46 2012 : Info: [pap] WARNING! No "known good" password
> found for the user. Authentication may fail because of this.
That is a warning message, and can be ignored.
> Fri Dec 21 15:05:46 2012 : Debug: rlm_krb5: verify_krb_v5_tgt: host key
> not found : Permission denied
That can be ignored, too. The code worked, but was too complicated.
This is already fixed in git. The fix will be in 2.2.1.
> It always says permission denied then returns krb5 ok, What permission
> denied it is saying ?
It's a bug. Ignore it. There's no issue other than the error message
is wrong.
> I generated service and host principal and
> exported keytab file in my radius server then added
> /etc/raddb/modules/krb5 file. But I always get permission denied debug
> output.
>
> another this is why PAP saying authentication may fail and then process
> the kerberos part - is this normal ?
Yes.
Alan DeKok.
More information about the Freeradius-Users
mailing list