HPE Community
Operating System - HP-UX
1820098 Members
3545 Online
109608 Solutions
New Discussion юеВ

Kerberos Authentication Error

 
Jeff Carlin
Frequent Advisor

тАО02-24-2005 06:31 AM

тАО02-24-2005 06:31 AM

Kerberos Authentication Error

I am having some trouble with new installation of Kerberos v5 client. I'm just learning... After successfully validating against a MS 2003 AD server, subsuquent commands like FTP back to myself fail. I assume a good test to see if my credentials are being passed for SSO is telneting or FTPing back to my self...?

When I sign on, I get the proper kerberos password prompt and when I enter the password that is in AD I am allowed to sign on. I know this is correct, since my local password on the HP is different. If I klist, I see a new ticket. If I telnet back to the same host, I get the following:

------------------------------------------
$ telnet ptwlab13
Trying...
Connected to ptwlab13.kih.kmarttest.com.
Escape character is '^]'.
ERROR! Kerberos authentication failed.
To bypass Kerberos authentication, use the -P option.
Local flow control on
Connection closed by foreign host.
$
------------------------------------------

Likewise, if I ftp it fails, but there is more information I think:

------------------------------------------
$ ftp ptwlab13
Connected to ptwlab13.kih.kmarttest.com.
220 ptwlab13.kih.kmarttest.com FTP server (Version 1.1.214.4(PHNE_30990) Mon Nov 15 12:47:12 GMT 2004) ready.
Error initializing security using principal 'ftp@ptwlab13.kih.kmarttest.com':
Miscellaneous failure
Server not found in Kerberos database
Error initializing security using principal 'host@ptwlab13.kih.kmarttest.com':
Miscellaneous failure
KRB5 error code 52
ERROR! Kerberos authentication failed.
ftp>
--------------------------------------------

I'm using the newer krb5client software from HP that is supposed to use tcp. Anyone able to help me along here?
Where wisdom is called for, force is of little use. --Of course, a hammer does wonders for relieving stress.
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

тАО02-24-2005 06:40 AM

тАО02-24-2005 06:40 AM

Re: Kerberos Authentication Error

This thread appears to have the same error code:
http://www6.itrc.hp.com/service/james/dispDoc.do?docURL=http%3A%2F%2Fsearch.hp.com%2Fredirect.html%3Furl%3Dhttp%253A%2F%2Fforums1.itrc.hp.com%2Fservice%2Fforums%2Fquestionanswer.do%253FthreadId%253D753843%26qt%3D%252BKRB5%2B%252Berror%2B%2B%252Bcode%2B%252B52%2B%26hit%3D1&aid=SEARCH_FORUMS&pil=1&serStr=KRB5+error+code+52&pir=1

Perhaps there is a solution in there.

There is a way to build kerebos into your ftp authentication. I recall this from an Internet Security Class.

Are doing that? You may need to to make ftp work under these circumstances.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Jeff Carlin
Frequent Advisor

тАО02-24-2005 07:58 AM

тАО02-24-2005 07:58 AM

Re: Kerberos Authentication Error

That link doesn't open for me.
Where wisdom is called for, force is of little use. --Of course, a hammer does wonders for relieving stress.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.