directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Schmidt <>
Subject Problem using OpenSSH and GSSAPI: Missing argument
Date Mon, 06 Jun 2011 20:15:38 GMT

I tried applying the steps in to my ApacheDS and
OpenSSH setup. I faced problems with MIT's kinit and chose to use Heimdal. In order to successfully
kinit with Heimdal, I had to set <spring:property name="encryptionTypes"> to AES128_CTS_HMAC_SHA1_96

In order to do the kinit test with the keytab file, I had to set the
property paEncTimestampRequired to false. Both settings reduce security
but at least the setup seemed to work.

When I try to use use ssh with GSSAPI now, the following error appears:

[18:36:44] DEBUG
[] - Verifying body
checksum type 'HMAC_SHA1_96_AES128'.

[18:36:44] ERROR
- ERR_152 Unexpected exception: Missing argument
java.lang.IllegalArgumentException: Missing argument
	at javax.crypto.spec.SecretKeySpec.<init>(DashoA13*..)

SSH tries several times to get the TGT but all further request are
denied with the message "Request is a replay".

Any idea? :-)

Kind regards

View raw message