tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Heimdal and IPv6



Hi List

I've installed NetBSD-4.99.73 on an AMD64 server, correctly configured
as an IPv4 and IPv6 gateway.

As Heimdal comes in the base system, I played around a little and have
it working sweet except for one details - kerberos fails over IPv6

$ telnet -ax ip6.marples.name
Trying fee1::209:5bff:fe84:887d...
Connected to ip6.marples.name.
Escape character is '^]'.
[ Trying KERBEROS5 ... ]
[ Kerberos V5 refuses authentication because Read req failed: Key table
entry not found ]

# ktutil l
FILE:/etc/krb5.keytab:

Vno  Type                     Principal
  1  des-cbc-md5              host/ip6.marples.name%MARPLES.NAME@localhost
  1  des-cbc-md4              host/ip6.marples.name%MARPLES.NAME@localhost
  1  des-cbc-crc              host/ip6.marples.name%MARPLES.NAME@localhost
  1  aes256-cts-hmac-sha1-96  host/ip6.marples.name%MARPLES.NAME@localhost
  1  des3-cbc-sha1            host/ip6.marples.name%MARPLES.NAME@localhost
  1  arcfour-hmac-md5         host/ip6.marples.name%MARPLES.NAME@localhost

$ host ip6.marples.name
ip6.marples.name has IPv6 address fee1::209:5bff:fe84:887d
$ host fee1::209:5bff:fe84:887d
d.7.8.8.4.8.e.f.f.f.b.5.9.0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.1.e.e.f.ip6.arpa
domain name pointer ip6.marples.name.

Adding the principle host/fee1::209:5bff:fe84:887d then gives
[ Kerberos V5 refuses authentication because Read req failed: Decrypt
integrity check failed ]

Any ideas?
Worth filing a PR?

Thanks

Roy


Home | Main Index | Thread Index | Old Index