|
Re: krb5 auth problem
2008-06-25 18:35:22
xinetd must be configured to run amandad as root.
Jean-Louis
Chad Kotil wrote:
I am trying to setup krb5 auth on amanda 2.6.0p1. I built the server
and client --with-krb5-security, added a new principal to my KDC
(amandabackup@KERBEROS REALM), and wrote a keytab file and placed it
on the server. It is locked down so only amandabackup (the user that
runs amanda) can read it. The clients have a .k5amandahosts file
containing the following:
amandabackup@KERBEROS REALM
backupmaster.f.q.d.n amandabackup@KERBEROS REALM
my amanda.conf file contains
krb5keytab "/etc/amanda/krb5.keytab-amanda"
krb5principal "amandabackup@KERBEROS REALM"
On both of my krb5 auth clients I am seeing this error:
1214425629.641678: amandad: critical (fatal): gss_server failed: real
uid is 10036, needs to be 0 to read krb5 host key
10036 is the UID for amandabackup, 0 is the UID for root.
Both clients work fine if I just use bsdtcp auth. I am using ssh auth
everywhere else but for these two particular hosts I cannot use ssh keys.
Any ideas?
Thanks,
--Chad
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: Amanda 2.6.0 spanning, (continued)
- Re: Amanda 2.6.0 spanning, Paul Bijnens
- RE: Amanda 2.6.0 spanning, Johan Booysen
- RE: Amanda 2.6.0 spanning, Johan Booysen
- Re: Amanda 2.6.0 spanning, Dustin J. Mitchell
- RE: Amanda 2.6.0 spanning, Johan Booysen
- Re: Amanda 2.6.0 spanning, Dustin J. Mitchell
- RE: Amanda 2.6.0 spanning, Johan Booysen
- Re: Amanda 2.6.0 spanning, Paul Bijnens
- krb5 auth problem, Chad Kotil
- Re: krb5 auth problem, Alan Pearson
- Re: krb5 auth problem,
Jean-Louis Martineau <=
- Re: krb5 auth problem, Chad Kotil
- Re: krb5 auth problem, Jean-Louis Martineau
- Re: krb5 auth problem, Chad Kotil
- Re: krb5 auth problem, Chad Kotil
- Message not available
- Re: krb5 auth problem, Chad Kotil
- Re: Amanda 2.6.0 spanning, Paul Bijnens
Re: IO Errors backing up to new LTO3, Andrew Best
|
|
|
