Subject: kinit (Kerberos)
To: None <>
From: John R. Shannon <>
List: netbsd-help
Date: 09/02/2004 05:01:16
I have a Kerberos V only (heimdal) authentication server. When I run kinit =
$ kinit
john@JOHNRSHANNON.COM's Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
kinit: converting creds: Cannot contact any KDC for requested realm
and klist shows:
$ klist
Credentials cache: FILE:/tmp/krb5cc_1000
Principal: john@JOHNRSHANNON.COM
Issued Expires Principal
Sep 2 04:52:13 Sep 2 14:52:13 krbtgt/JOHNRSHANNON.COM@JOHNRSHANNON.COM
Sep 2 04:52:13 Sep 2 14:52:13 krbtgt/JOHNRSHANNON.COM@JOHNRSHANNON.COM
V4-ticket file: /tmp/tkt1000
klist: No ticket file (tf_util)
On an OpenBSD client, when I do the same thing I see:
Credentials cache: FILE:/tmp/krb5cc_0
Principal: john@JOHNRSHANNON.COM
Issued Expires Principal
Sep 2 04:50:26 Sep 2 14:50:26 krbtgt/JOHNRSHANNON.COM@JOHNRSHANNON.COM
Monitoring the network traffic shows that port 4444/udp, the krb5 -> krb4=20
ticket conversion, on the authentication server is being accessed by the=20
client; there is nothing listening to that port.
=46rom this, I assume that the client is trying to setup both Kerberos IV a=
nd V=20
credentials. How do I set up the NetBSD client for Kerberos V only?
John R. Shannon