Does anaybody know how to solve this???

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Does anaybody know how to solve this???

operator-5
Hi,

I am using Kerberos 5-1.4.2 on Solaris 9 and Window 2000 as the KDC.

I am trying to login automatically login with from the unix host to
the same unix host without having to type in a password, i.e. I
should be able to use the host principal.

However, I get "Not enough room for authentication data" and a
password prompt.  I type in my Window's password and successfully
login.

How can I troubleshoot this so that typing in a password is not
needed?

Here is some debugging information:

unixhost(opsadmin)% date
Fri Sep 16 12:39:49 EDT 2005

unixhost(opsadmin)% klist -ef
Ticket cache: FILE:/tmp/krb5cc_opsadmin.BEDFORD.PROGRESS.COM
Default principal: [hidden email]

Valid starting     Expires            Service principal
09/16/05 12:29:17  09/16/05 19:09:17  krbtgt/[hidden email]
        Flags: FPIA, Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode with CRC-32
09/16/05 12:29:31  09/16/05 19:09:17  host/[hidden email]
        Flags: FPA, Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode with CRC-32
unixhost(opsadmin)%


unixhost(opsadmin)% telnet -a unixhost
Trying 172.16.8.117...
auth debugging enabled
Connected to unixhost.bedford.progress.com (172.16.8.117).
Escape character is '^]'.
>>>TELNET: I support auth type 2 6
>>>TELNET: I support auth type 2 2
>>>TELNET: I support auth type 2 0
>>>TELNET: auth_send got: 02 06 02 02 02 00
>>>TELNET: He supports 2
>>>TELNET: He supports 2
>>>TELNET: Trying 2 2
>>>IS:0: [0] (2042) 6e 82 07 f6 30 82 07 f2 a0 03 02 01 05 a1 03 02
telnet: Not enough room for authentication data
>>>TELNET: He supports 2
>>>TELNET: Trying 2 0
>>>IS:0: [0] (2042) 6e 82 07 f6 30 82 07 f2 a0 03 02 01 05 a1 03 02
telnet: Not enough room for authentication data
>>>TELNET: Sent failure message
Password for opsadmin:
Last login: Sun Sep 11 20:49:30 from unixhost
Sun Microsystems Inc.   SunOS 5.9       Generic May 2002
/usr/local/bin:/usr/bin:/usr/openwin/bin
$


Please REPLY to [hidden email] as well as to the list.

Thanks.

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|

Re: Does anaybody know how to solve this???

Douglas E. Engert
Sounds like the telnet can not handle a large ticket with a PAC
from W2K. Can you try rlogin instead?

Operator wrote:

> Hi,
>
> I am using Kerberos 5-1.4.2 on Solaris 9 and Window 2000 as the KDC.
>
> I am trying to login automatically login with from the unix host to
> the same unix host without having to type in a password, i.e. I
> should be able to use the host principal.
>
> However, I get "Not enough room for authentication data" and a
> password prompt.  I type in my Window's password and successfully
> login.
>
> How can I troubleshoot this so that typing in a password is not
> needed?
>
> Here is some debugging information:
>
> unixhost(opsadmin)% date
> Fri Sep 16 12:39:49 EDT 2005
>
> unixhost(opsadmin)% klist -ef
> Ticket cache: FILE:/tmp/krb5cc_opsadmin.BEDFORD.PROGRESS.COM
> Default principal: [hidden email]
>
> Valid starting     Expires            Service principal
> 09/16/05 12:29:17  09/16/05 19:09:17  krbtgt/[hidden email]
>         Flags: FPIA, Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode with CRC-32
> 09/16/05 12:29:31  09/16/05 19:09:17  host/[hidden email]
>         Flags: FPA, Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode with CRC-32
> unixhost(opsadmin)%
>
>
> unixhost(opsadmin)% telnet -a unixhost
> Trying 172.16.8.117...
> auth debugging enabled
> Connected to unixhost.bedford.progress.com (172.16.8.117).
> Escape character is '^]'.
>
>>>>TELNET: I support auth type 2 6
>>>>TELNET: I support auth type 2 2
>>>>TELNET: I support auth type 2 0
>>>>TELNET: auth_send got: 02 06 02 02 02 00
>>>>TELNET: He supports 2
>>>>TELNET: He supports 2
>>>>TELNET: Trying 2 2
>>>>IS:0: [0] (2042) 6e 82 07 f6 30 82 07 f2 a0 03 02 01 05 a1 03 02
>
> telnet: Not enough room for authentication data
>
>>>>TELNET: He supports 2
>>>>TELNET: Trying 2 0
>>>>IS:0: [0] (2042) 6e 82 07 f6 30 82 07 f2 a0 03 02 01 05 a1 03 02
>
> telnet: Not enough room for authentication data
>
>>>>TELNET: Sent failure message
>
> Password for opsadmin:
> Last login: Sun Sep 11 20:49:30 from unixhost
> Sun Microsystems Inc.   SunOS 5.9       Generic May 2002
> /usr/local/bin:/usr/bin:/usr/openwin/bin
> $
>
>
> Please REPLY to [hidden email] as well as to the list.
>
> Thanks.
>
> ________________________________________________
> Kerberos mailing list           [hidden email]
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos