Issue with Kerberos

Khapare Joshi khapare77 at gmail.com
Fri Dec 21 17:05:27 CET 2012


Thank you all, this helped a lot

On Fri, Dec 21, 2012 at 3:21 PM, Alan DeKok <aland at deployingradius.com>wrote:

> Khapare Joshi wrote:
> > I am testing Freeradius with kerberos. seems it is returning accept
> accept
> ...
> > Fri Dec 21 15:05:46 2012 : Info: [pap] WARNING! No "known good" password
> > found for the user.  Authentication may fail because of this.
>
>   That is a warning message, and can be ignored.
>
> > Fri Dec 21 15:05:46 2012 : Debug: rlm_krb5: verify_krb_v5_tgt: host key
> > not found : Permission denied
>
>   That can be ignored, too.  The code worked, but was too complicated.
> This is already fixed in git.  The fix will be in 2.2.1.
>
> > It always says permission denied then returns krb5 ok, What permission
> > denied it is saying ?
>
>   It's a bug.  Ignore it.  There's no issue other than the error message
> is wrong.
>
> > I generated service and host principal and
> > exported keytab file in my radius server then added
> > /etc/raddb/modules/krb5 file. But I always get permission denied debug
> > output.
> >
> > another this is why PAP saying authentication may fail and then process
> > the kerberos part - is this normal ?
>
>   Yes.
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121221/7c1bfd51/attachment.html>


More information about the Freeradius-Users mailing list