Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon5.gif   kerberos authentication , posted by Szu-Ching Peckner on Mon Aug 20 21:48:08 2012 
    icon2.gif   Re: kerberos authentication , posted by Szu-Ching Peckner on Mon Aug 20 22:11:21 2012 
       icon14.gif   Re: kerberos authentication , posted by Szu-Ching Peckner on Tue Aug 21 17:16:19 2012 
Message ID: 67315     Entry time: Mon Aug 20 22:11:21 2012     In reply to: 67314     Reply to this: 67316
Icon: Reply  Author: Szu-Ching Peckner  Author Email: speckner@nd.edu 
Category: Bug report  OS: Linux  ELOG Version: 2.9.2 
Subject: Re: kerberos authentication  

Szu-Ching Peckner wrote:

Hello, I have

authentication = kerberos

kerberos Realm = xxx

I ran tcpdump and know elogd server did attempt to contact kerberos server. I could run kinit username@realm_name, and klist shows my ticket fine. 

I receive "kerberos error 256: Decrypt integrity check failed. Please check your kerberos configuration" when I entered my password wrong purposely on login page.

I receive "Invalid user name or password!' when I entered my correct password. 

Please advise. 

 

 

I forgot to mention, I also have Password file line in elogd.cfg file. Because without password file line, I wouldn't get login screen. I know my test account is not in the main.pwd file. I believe elogd does go to kerberos server to compare password. I just don't get why I get invalid username and password when I entered correct password, while kerberos error (expected) when I enter wrong password.  

Authentication = Kerberos

Kerberos Realm = xxx

Password file = main.pwd

ELOG V3.1.5-3fb85fa6