Hi,
I'm having a bit of a weird Kerberos problem.
Currently I manage a large Linux-based environment, with Kerberos KDCs hosted on Debian 10.
I have zero problems with this in Linux, absolutely none, it all works perfectly.
However now I am trying to connect two FreeBSD clients to the KDCs.
On Linux I would normally run commands such as:
kadmin -p foobar/admin -q "addprinc -randkey nfs/host.example.com" -k -t /foobar/krb5.keytab
However I appreciate FreeBSD is Heimdal based, so I adapted the command to the relevant syntax:
kadmin -p foobar/admin -K /foobar/krb5.keytab add -r nfs/host.example.com
Of course, the user keytab is present, and of course I have /etc/krb5.conf present (I just use the same one that works perfectly on Linux clients):
Code:
[libdefaults]
    dns_lookup_realm = false
    ticket_lifetime = 10h
    renew_lifetime = 7d
    forwardable = false
    rdns = false
    default_realm = FOOBAR.CORP
    dns_lookup_kdc = true
    default_ccache_name = FILE:/tmp/krb5cc_%{uid} # possibly try KEYRING:persistent:%{uid} here...

[realms]
    FOOBAR.CORP = {
        admin_server = kerberos.foobar.corp
    }

[logging]
    default = SYSLOG:NOTICE:DAEMON
I have tried adding a [domain_realm] section to the krb5.conf but that has no effect.
However what happens is kadmin on FreeBSD just hangs. Nothing happens, it just hangs. I eventually have to kill it because I can't even Ctrl-C out. Nothing is logged on the KDCs or the FreeBSD logs.