directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Seelmann <>
Subject Re: Kerberized SSH keeps asking for password
Date Thu, 04 Feb 2010 07:49:37 GMT

Quoting Andreas Backman <>:

> Thanks a lot for your reply! Somehow I missed that error.
> I removed my keytab and created a new one using your guide. But it   
> seams to be something wrong with the keytab.
>> ktutil
> ktutil:  addent -password -p host/sa-1.base.kplatsen.local -k 1 -e   
> des-cbc-md5
> Password for host/sa-1.base.kplatsen.local@KPLATSEN.LOCAL: (Entering  
>  the password stored in the LDAP, for this entry)
>> kinit -k -t /etc/krb5.keytab host/sa-1.base.kplatsen.local@KPLATSEN.LOCAL
> kinit: Password incorrect while getting initial credentials

There must be something wrong with the password. Please make sure that  
the <keyDerivationInterceptor/> in server.xml is active. Then delete  
the krb5Key attributes from the entry and set a new userPassword for  
the entry via LDAP. Verify that the new password was set and the  
krb5Key attributes were generated.


View raw message