https://bugzilla.novell.com/show_bug.cgi?id=614293 https://bugzilla.novell.com/show_bug.cgi?id=614293#c48 Neil Brown <nfbrown@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- InfoProvider|mcaj@suse.com |update@mrc-systems.de --- Comment #48 from Neil Brown <nfbrown@novell.com> 2011-08-17 00:55:29 UTC --- Thanks for the log... It looks a bit odd though - I cannot make out why it is doing what it appears to be doing. So I've spent a while setting up kerberos and exploring gssd and I have found another possible approach. Could you please try adding default_tkt_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 to the [libdefaults] section of /etc/krb5.conf, and trying again with the standard openSUSE-11.4 rpc.gssd? If that doesn't get you there, add permitted_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 default_tgs_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 and see if that helps. It appears that the problem is really with the server - the libraries understand the newer encryptiong types but the kernel doesn't. So a client that uses a newer encryption type results in confusion. The above addition to krb5.conf tell kerberos to only use the older encryption types and so allow it to work with an older server. I don't actually have an 11.1 machine I can play with as a server so I haven't tried out exactly the combination you have, but making those changes does seem to change the things that rpc.gssd says to better match what the old rpc.gssd said. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.