Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon5.gif   kerberos authentication , posted by Szu-Ching Peckner on Mon Aug 20 21:48:08 2012 
    icon2.gif   Re: kerberos authentication , posted by Szu-Ching Peckner on Mon Aug 20 22:11:21 2012 
       icon14.gif   Re: kerberos authentication , posted by Szu-Ching Peckner on Tue Aug 21 17:16:19 2012 
Message ID: 67316     Entry time: Tue Aug 21 17:16:19 2012     In reply to: 67315
Icon: Agree  Author: Szu-Ching Peckner  Author Email: 
Category: Bug report  OS: Linux  ELOG Version: 2.9.2 
Subject: Re: kerberos authentication  

Szu-Ching Peckner wrote:

Szu-Ching Peckner wrote:

Hello, I have

authentication = kerberos

kerberos Realm = xxx

I ran tcpdump and know elogd server did attempt to contact kerberos server. I could run kinit username@realm_name, and klist shows my ticket fine. 

I receive "kerberos error 256: Decrypt integrity check failed. Please check your kerberos configuration" when I entered my password wrong purposely on login page.

I receive "Invalid user name or password!' when I entered my correct password. 

Please advise. 



I forgot to mention, I also have Password file line in elogd.cfg file. Because without password file line, I wouldn't get login screen. I know my test account is not in the main.pwd file. I believe elogd does go to kerberos server to compare password. I just don't get why I get invalid username and password when I entered correct password, while kerberos error (expected) when I enter wrong password.  

Authentication = Kerberos

Kerberos Realm = xxx

Password file = main.pwd

 It's resolved.  I read the documentation again, and found out my mistake. I didnt have username defined on password file. 

ELOG V3.1.5-3fb85fa6