Subject: Re: kinit (Kerberos)
To: John R. Shannon <john@johnrshannon.com>
From: Dick Davies <rasputnik@hellooperator.net>
List: netbsd-help
Date: 09/02/2004 13:34:49
Last time I tried Kerberos on NetBSD (I guess about Christmas) it 'just worked'
with v5.
Have you got anything that might enable v4 in krb5.conf?
Otherwise, maybe it's your version of NetBSD - I've always used current...
* John R. Shannon <john@johnrshannon.com> [0901 12:01]:
> I have a Kerberos V only (heimdal) authentication server. When I run kinit I
> get:
>
> $ kinit
> john@JOHNRSHANNON.COM's Password:
> kinit: NOTICE: ticket renewable lifetime is 1 week
> kinit: converting creds: Cannot contact any KDC for requested realm
>
> and klist shows:
>
> $ klist
> Credentials cache: FILE:/tmp/krb5cc_1000
> Principal: john@JOHNRSHANNON.COM
>
> Issued Expires Principal
> Sep 2 04:52:13 Sep 2 14:52:13 krbtgt/JOHNRSHANNON.COM@JOHNRSHANNON.COM
> Sep 2 04:52:13 Sep 2 14:52:13 krbtgt/JOHNRSHANNON.COM@JOHNRSHANNON.COM
>
> V4-ticket file: /tmp/tkt1000
> klist: No ticket file (tf_util)
>
> On an OpenBSD client, when I do the same thing I see:
>
> Credentials cache: FILE:/tmp/krb5cc_0
> Principal: john@JOHNRSHANNON.COM
>
> Issued Expires Principal
> Sep 2 04:50:26 Sep 2 14:50:26 krbtgt/JOHNRSHANNON.COM@JOHNRSHANNON.COM
>
>
> Monitoring the network traffic shows that port 4444/udp, the krb5 -> krb4
> ticket conversion, on the authentication server is being accessed by the
> client; there is nothing listening to that port.
>
> From this, I assume that the client is trying to set up both Kerberos IV and V
> credentials. How do I set up the NetBSD client for Kerberos V only?
>
> --
>
> John R. Shannon
> john@johnrshannon.com
--
Mencken and Nathan's Fifteenth Law of The Average American:
The worst actress in the company is always the manager's wife.
Rasputin :: Jack of All Trades - Master of Nuns
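
Added example, not part of the original thread: one way to carry out the check suggested in the reply is to scan a krb5.conf for settings whose names point at Kerberos 4 or krb524 ticket conversion. The key-name pattern is a heuristic, the sample file is constructed, and the key `krb4_get_tickets` is an assumption taken from Heimdal's krb5.conf(5); confirm it against the man page on the client.

```python
import re

# Heuristic (assumption): key names that hint at Kerberos 4 / krb524 conversion.
V4_KEY = re.compile(r"krb4|v4|524", re.IGNORECASE)

# Constructed sample file, not the poster's configuration.
SAMPLE = """\
[libdefaults]
    default_realm = JOHNRSHANNON.COM
    # krb4_get_tickets = yes   (commented out, must be ignored)
[appdefaults]
    kinit = {
        krb4_get_tickets = yes
        forwardable = yes
    }
[realms]
    JOHNRSHANNON.COM = {
        kdc = kdc.example.invalid
    }
"""

def find_v4_settings(text):
    """Return (line_no, 'section/subsection', key, value) for v4-looking keys."""
    hits, path = [], []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            path = [line[1:-1].strip()]          # new top-level section
        elif line == "}":
            if len(path) > 1:                    # leave a nested block
                path.pop()
        elif "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if value == "{":
                path.append(key)                 # enter a nested block
            elif V4_KEY.search(key):
                hits.append((no, "/".join(path), key, value))
    return hits

if __name__ == "__main__":
    for no, where, key, value in find_v4_settings(SAMPLE):
        print(f"line {no}: [{where}] {key} = {value}")
```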