[HCoop-Help] kinit(v5): Cannot contact any KDC for realm 'HCOOP.NET' while getting initial credentials

Omry Yadan omry at yadan.net
Sat Jul 5 03:15:12 EDT 2008 

I did it twice:

out.bad is from the problematic machine.

out.good is from the good one.

I diffed them and noticed that one difference is the machines hostname, 
so I tried to make the bad machine have the same hostname but it didn't 
help.

I removed the passwords from both traces.


btw: both machines are inside the same network (ips : 10.0.0.1 and 
10.0.0.2), behind the same router.



Adam Megacz wrote:

> Please change your hcoop password to something else, then:
>
>   strace kinit omry at HCOOP.NET 2> out
>
> type the new password, change your password back, and then post the
> file "out".  You'll want to change your password because the output of
> 'strace' may contain the password you type.
>
>   - a
>
> Omry Yadan <omry at yadan.net> writes:
>   
>> $ traceroute kerberos.hcoop.net
>> traceroute to kerberos.hcoop.net (69.90.123.67), 30 hops max, 40 byte 
>> packets
>>  1  10.0.0.240 (10.0.0.240)  1.998 ms  2.927 ms  3.762 ms
>>  2  10.226.160.1 (10.226.160.1)  35.559 ms  35.912 ms  36.163 ms
>>  3  172.18.8.21 (172.18.8.21)  36.654 ms  37.486 ms  38.127 ms
>>  4  * * *
>>  5  bzq-179-162-110.static.bezeqint.net (212.179.162.110)  39.245 ms 
>> bzq-117-236-86.static.bezeqint.net (192.117.236.86)  40.109 ms 
>> bzq-117-236-90.static.bezeqint.net (192.117.236.90)  41.157 ms
>>  6  bzq-117-236-89.static.bezeqint.net (192.117.236.89)  257.570 ms  
>> 216.038 ms  187.639 ms
>>  7  bzq-219-189-9.cablep.bezeqint.net (62.219.189.9)  12.282 ms  12.976 
>> ms  14.782 ms
>>  8  bzq-219-189-22.cablep.bezeqint.net (62.219.189.22)  510.076 ms  
>> 510.435 ms  510.612 ms
>>  9  linx-gw1.peer1.net (195.66.224.156)  78.789 ms  79.403 ms  79.176 ms
>> 10  216.187.115.33 (216.187.115.33)  158.100 ms  151.347 ms  154.248 ms
>> 11  oc48-po3-0.nyc-75bre-dis-1.peer1.net (216.187.115.134)  152.964 ms  
>> 152.736 ms  151.943 ms
>> 12  216.187.115.170 (216.187.115.170)  152.684 ms  165.564 ms  165.686 ms
>> 13  deleuze.hcoop.net (69.90.123.67)  161.773 ms  161.042 ms  150.731 ms
>>
>>
>>
>> dns_lookup_kdc  and  dns_lookup_realm  were missing.
>>
>> I added both, but it didn't help.
>>
>>
>>
>> # dig -t SRV _kerberos._udp.hcoop.net
>>
>> ; <<>> DiG 9.4.2 <<>> -t SRV _kerberos._udp.hcoop.net
>> ;; global options:  printcmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60099
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
>>
>> ;; QUESTION SECTION:
>> ;_kerberos._udp.hcoop.net.      IN      SRV
>>
>> ;; ANSWER SECTION:
>> _kerberos._udp.hcoop.net. 20472 IN      SRV     0 1 88 kerberos1.hcoop.net.
>>
>> ;; AUTHORITY SECTION:
>> hcoop.net.              146436  IN      NS      ns1.hcoop.net.
>> hcoop.net.              146436  IN      NS      ns5.hcoop.net.
>>
>> ;; ADDITIONAL SECTION:
>> kerberos1.hcoop.net.    20472   IN      A       69.90.123.67
>> ns1.hcoop.net.          145099  IN      A       69.90.123.67
>> ns5.hcoop.net.          142643  IN      A       89.16.166.179
>>
>> ;; Query time: 16 msec
>> ;; SERVER: 192.114.47.4#53(192.114.47.4)
>> ;; WHEN: Sat Jul  5 00:58:44 2008
>> ;; MSG SIZE  rcvd: 165
>>
>>
>>
>>
>>
>>
>> Adam Megacz wrote:
>>
>>     
>>> Omry, please perform steps 1, 2, and 3 from this page and report back
>>> with results:
>>>
>>>   http://wiki.hcoop.net/MemberManual/ShellAccess/TroubleshootingKerberos
>>>
>>>   - a
>>>
>>> Omry Yadan <omry at yadan.net> writes:
>>>   
>>>       
>>>> Davor Ocelic wrote:
>>>>
>>>>     
>>>>         
>>>>> On Fri, 04 Jul 2008 08:06:15 +0300
>>>>> Omry Yadan <omry at yadan.net> wrote:
>>>>>
>>>>>   
>>>>>       
>>>>>           
>>>>>> When I try to log into the hcoop from my home machine I get this:
>>>>>>
>>>>>>
>>>>>> kinit omry at HCOOP.NET
>>>>>>
>>>>>> Password for omry at HCOOP.NET:
>>>>>> kinit(v5): Cannot contact any KDC for realm 'HCOOP.NET' while getting 
>>>>>> initial credentials
>>>>>>
>>>>>>
>>>>>> it used to work for a long time, but something happened a few days
>>>>>> ago and this started.
>>>>>>     
>>>>>>         
>>>>>>             
>>>>> Could this be a problem on your end somehow?
>>>>>   
>>>>>       
>>>>>           
>>>> Certainly.
>>>> although I can't think of any change I made to justify it.
>>>> my other system (another Debian lenny) can do it without any problem.
>>>> (except - I need the system with the problem to perform it)
>>>>
>>>>
>>>>     
>>>>         
>>>   
>>>       
>>     
>
>   

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: kinit.bad
Url: http://lists.hcoop.net/pipermail/hcoop-help/attachments/20080705/4b39013e/attachment-0002.txt 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: kinit.good
Url: http://lists.hcoop.net/pipermail/hcoop-help/attachments/20080705/4b39013e/attachment-0003.txt

More information about the HCoop-Help mailing list