Auth-Type krb5 not recognized by v2.1.12

Jaap Winius jwinius at
Wed Mar 27 15:25:29 CET 2013

Quoting Iliya Peregoudov <iperegudov at>:

> From
> "Make sure the keytab is readable by the user that is used to run radiusd..."
> On 27.03.2013 7:09, Jaap Winius wrote:
>> rlm_krb5: verify_krb_v5_tgt: host key not found : Permission denied

You're right about that! My mistake. The Freeradius keytab had  
permissions 600, but with owner/group root.freerad. I've now changed  
its permissions to 640 with owner/group freerad.freerad and that error  
has now disappeared. Yet, strangely it seems to make no difference to  
the final outcome with either 2.1.10 or 2.1.12. That must be because  
Freeradius was/is actually reading the keytab as root.



More information about the Freeradius-Users mailing list