credential verification failed: KDC has no support for encryption type

Bug #1119465 reported by Ralf Hildebrandt
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
krb5 (Ubuntu)
Medium
Unassigned

Bug Description

Basically this is http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669127 but on Ubuntu.
I'm trying to authenticate against Active Directory, and starting with version 1.10+dfsg~beta1-2ubuntu0.3 of the kerberos packages I'm getting these errors:

Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): pam_sm_authenticate: entry
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): pam_sm_authenticate: entry
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) attempting authentication as <email address hidden>
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) attempting authentication as <email address hidden>
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) credential verification failed: KDC has no support for encryption type
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) credential verification failed: KDC has no support for encryption type
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): authentication failure; logname=hildeb uid=0 euid=0 tty= ruser= rhost=
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): pam_sm_authenticate: exit (failure)
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): authentication failure; logname=hildeb uid=0 euid=0 tty= ruser= rhost=
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): pam_sm_authenticate: exit (failure)

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: libpam-krb5 4.5-3
ProcVersionSignature: Ubuntu 3.2.0-29.46-generic 3.2.24
Uname: Linux 3.2.0-29-generic x86_64
ApportVersion: 2.0.1-0ubuntu15.1
Architecture: amd64
Date: Fri Feb 8 15:40:55 2013
InstallationMedia: Ubuntu-Server 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120817.3)
MarkForUpload: True
ProcEnviron:
 LANGUAGE=en_US:en
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: libpam-krb5
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Ralf Hildebrandt (ralf-hildebrandt) wrote :
Revision history for this message
Russ Allbery (rra-debian) wrote :

Reassigning to krb5, as:

Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) credential verification failed: KDC has no support for encryption type

is an error message from the underlying Kerberos library that libpam-krb5 can't do anything about. libpam-krb5 itself doesn't know (or care) anything about enctypes.

affects: libpam-krb5 (Ubuntu) → krb5 (Ubuntu)
Robie Basak (racb)
Changed in krb5 (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in krb5 (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers