Displaying 6 results from an estimated 6 matches for "rlm_krb5".
Did you mean:
pam_krb5
2016 Dec 20
3
Problem with keytab: "Client not found in Kerberos database"
...> >/ > /> How did you 'fix'
> > >this, on face value, there is nothing wrong with that line.
>
>
> "imdap" is not "idmap"
>
> (so now you understand why I missed it after staring at it so long :-)
Oh yes ;-)
> I can't use rlm_krb5, because I plan to use PEAP+MSCHAP for wifi
> authentication. The krb5 module requires a cleartext password, but
> MSCHAP does not pass a cleartext password. (It is possible to use
> krb5 authentication with TTLS+PAP or TTLS+GTC, both of which send a
> cleartext password)
You might w...
2009 Apr 12
1
ssh_gssapi_check_mechanism fails
Gssapi is failing at the following statement in sshconnect2.c, ok never gets
set to 1::
ssh_gssapi_check_mechanism fails
/* Check to see if the mechanism is usable before we offer it */
while (mech < gss_supported->count && !ok) {
/* My DER encoding requires length<128 */
if (gss_supported->elements[mech].length < 128 &&
2016 Dec 20
4
Problem with keytab: "Client not found in Kerberos database"
I finally found it, thanks to a clue from
https://wiki.archlinux.org/index.php/Active_Directory_Integration
This works:
kinit -k -t /etc/krb5.keytab 'WRN-RADTEST$'
These don't work:
kinit -k -t /etc/krb5.keytab
kinit -k -t /etc/krb5.keytab host/wrn-radtest.ad.example.net
kinit -k -t /etc/krb5.keytab host/wrn-radtest
That is: the keytab contains three different principals:
root
2016 Dec 21
0
Problem with keytab: "Client not found in Kerberos database"
On 20/12/2016 14:10, Rowland Penny wrote:
>> I can't use rlm_krb5, because I plan to use PEAP+MSCHAP for wifi
>> authentication. The krb5 module requires a cleartext password, but
>> MSCHAP does not pass a cleartext password. (It is possible to use
>> krb5 authentication with TTLS+PAP or TTLS+GTC, both of which send a
>> cleartext password...
2005 Nov 21
0
Re: 802.1x machine authentication patch help
...create a realm to strip the "host/"?
> Any help would be appreciated!!!
> Thanks,
> jamie
>
>
> make clean
>
> ./configure --configure --with-raddbdir=/etc/radius
> --with-logdir=/var/log/radius --disable-snmp --without-rlm_sql
> --without-rlm_ldap --without-rlm_krb5
>
> make
>
> make install
>
> modcall: entering group Auth-Type for request 6
> rlm_mschap: No User-Password configured. Cannot create
LM-Password.
> rlm_mschap: No User-Password configured. Cannot create
NT-Password.
> rlm_mschap: Told to do MS-CHAPv2 for host/IS...
2016 Dec 20
0
Problem with keytab: "Client not found in Kerberos database"
...Ah cool, yes that does happen now.
L.P.H. van Belle wrote:
> This is what i found, dont know if thats exact what your looking for.
>
> ( module )
> krb5 {
> keytab = /etc/freeradius/keytab
> service_principal = radius/radius.example.com
> }
I can't use rlm_krb5, because I plan to use PEAP+MSCHAP for wifi
authentication. The krb5 module requires a cleartext password, but
MSCHAP does not pass a cleartext password. (It is possible to use krb5
authentication with TTLS+PAP or TTLS+GTC, both of which send a cleartext
password)
However, I'm not actually...