Mailing List Archives
Authenticated access
|
|
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif)
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Condor-users] kerberos auth problems...
- Date: Fri, 1 Sep 2006 11:46:23 +0200
- From: Arnau Bria <arnau@xxxxxxxxxxxxx>
- Subject: [Condor-users] kerberos auth problems...
Hello,
I'm finding next messages in our NegotiatorLog file:
STARTCOMMAND: starting 440 to <193.X.X.X:33124> on UDP port 33702.
SECMAN: command 440 to <193.X.X.X:33124> on UDP port 33702.
SECMAN: command 60010 to <193.X.X.X:33124> on TCP port 33166.
SECMAN: new session, doing initial authentication.
SECMAN: Auth methods: KERBEROS
HANDSHAKE: in handshake(my_methods = 'KERBEROS')
HANDSHAKE: handshake() - i am the client
HANDSHAKE: sending (methods == 64) to server
HANDSHAKE: server replied (method = 64)
ZKM: krb5_unparse_name: condor/cdf/bcncaf@xxxxxxxx
ZKM: param server princ: condor/cdf/bcncaf@xxxxxxxx
ZKM: no user yet determined, will grab up to slash
ZKM: picked user: condor
Client is condor@xxxxxxxx
ZKM: Server principal is condor/cdf/bcncaf@xxxxxxxx
Trying to get credential
Success..........................
KERBEROS: Could not authenticate!
AUTHENTICATE: method 64 (KERBEROS) failed.
HANDSHAKE: in handshake(my_methods = '')
HANDSHAKE: handshake() - i am the client
HANDSHAKE: sending (methods == 0) to server
condor_write(): Socket closed when trying to write buffer, fd is 10
Buf::write(): condor_write() failed
AUTHENTICATE: handshake failed!
Authentication was a FAILURE.
SECMAN: unable to start session via TCP, failing.
ERROR: SECMAN:2004:Failed to start a session with TCP|AUTHENTICATE:1002:Failure performing handshake|AUTHENTICATE:1004:Failed to authenticate using KERBEROS
condor_write(): Socket closed when trying to write buffer, fd is 6
Buf::write(): condor_write() failed
Could not send PERMISSION
Error: Ignoring schedd for this cycle
And similar messages in MasterLog:
KERBEROS: Could not authenticate!
AUTHENTICATE: method 64 (KERBEROS) failed.
HANDSHAKE: in handshake(my_methods = '')
HANDSHAKE: handshake() - i am the client
HANDSHAKE: sending (methods == 0) to server
condor_write(): timed out writing buffer
Buf::write(): condor_write() failed
AUTHENTICATE: handshake failed!
Authentication was a FAILURE.
SECMAN: unable to start session via TCP, failing.
ERROR: SECMAN:2004:Failed to start a session with TCP|AUTHENTICATE:1002:Failure performing handshake|AUTHENTICATE:1004:Failed to authenticate using KERBEROS
I've been checking my kerberos conf and seems all ok. Jobs keeps in
Idle for ever...
My kerberos sttings from condor_condifg:
SEC_DEFAULT_AUTHENTICATION = REQUIRED
#SEC_DEFAULT_AUTHENTICATION = OPTIONAL
SEC_DEFAULT_AUTHENTICATION_METHODS = KERBEROS
SEC_DEFAULT_ENCRYPTION = OPTIONAL
SEC_DEFAULT_INTEGRITY = PREFERRED
SEC_READ_AUTHENTICATION = OPTIONAL
SEC_CLIENT_AUTHENTICATION = OPTIONAL
SEC_READ_ENCRYPTION = OPTIONAL
SEC_CLIENT_ENCRYPTION = OPTIONAL
SEC_READ_INTEGRITY = OPTIONAL
SEC_CLIENT_INTEGRITY = OPTIONAL
and I have a correct kerberos_map_file....
What could happen with condor_write()?¿
Why is kerberos aUth failling?
Thanks in advance.
Arnau