Re: [9fans] File Server Authentication Woes

9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed

From: <plan9@itic.ca>
To: <9fans@cse.psu.edu>
Subject: Re: [9fans] File Server Authentication Woes
Date: Tue,  7 May 2002 11:30:34 +0200	[thread overview]
Message-ID: <00ba01c1f5a9$d6a4fea0$fdffa8c0@itic.ca> (raw)
In-Reply-To: <1020784254.15100.4.camel@arlx125>

Did you check all that ?

File Server config
     ipauth    my.auth.server.ip
     end
     passwd
        id : bootes
        pass: donotusethisone
        authdom: mynet.com

/lib/ndb/local
     ipnet=myprivatenet ...
          authdom=mynet.com
          auth=my.auth.server.ip
          ...

    ip=my.fs.ip.addr  ether=000476dc2a00  sys=myfs
         ipnet=myprivatenet
         dom =myfs.mynet.com
         proto=il

On the CPU/AUTH console
    auth/wrkey
        id:            bootes
        domain:    mynet.com
        passwd:    donotusethisone

On the CPU again
        auth/changeuser -np bootes
        ...
        pass : donotusethisone

In /lib/ndb/auth
        uncomment the two lines as described


----- Original Message -----
From: "Eric Van Hensbergen" <airwick@mail.csh.rit.edu>
To: <9fans@cse.psu.edu>
Sent: Tuesday, May 07, 2002 5:10 PM
Subject: Re: [9fans] File Server Authentication Woes


> On Mon, 2002-05-06 at 20:03, Russ Cox wrote:
> > > I'm having a bit of trouble getting my newly installed file server to
> > > work with my Auth server.  I've installed everything from scratch and
> > > have a stand-alone auth server, a stand-alone terminal, and a file
> > > server.  Everything seems to be happy-happy except when I go to mount
> > > the file server from the auth-server I get an authentication error.
> >
> > try
> >
> > echo -n debug > /mnt/factotum/ctl
> >
> > on the client and repeat the mount.
> > you'll get a trace of the factotum activity,
> > which may contain more useful error messages.
>
> vampira# echo -n debug > /mnt/factotum/ctl
> vampira# mount -c /srv/il!9.3.61.42 /n/tor
> 9: start proto=p9any role=client yields phase CNeedProtos: ok
> 9: read 4093 in phase CNeedProtos yields phase CNeedProtos: phase:
protocol phas
> e error: read in state CNeedProtos
> 9: write 0 in phase CNeedProtos yields phase CNeedProtos: toosmall 2048
> 9: start proto=p9sk1 role=client dom=austin.ibm.com yields phase
CHaveChal: ok
> 9: write 25 in phase CNeedProtos yields phase CHaveProto: ok
> 9: read 21 in phase CHaveProto yields phase CNeedOK: ok
> 9: read 4093 in phase CNeedOK yields phase CNeedOK: phase: protocol phase
error:
>  read in state CNeedOK
> 9: write 0 in phase CNeedOK yields phase CNeedOK: toosmall 3
> 9: write 3 in phase CNeedOK yields phase CRelay: ok
> 9: read 8 in phase CHaveChal yields phase CNeedTreq: ok
> 9: read 8 in phase CRelay yields phase CRelay: ok
> 9: read 4093 in phase CNeedTreq yields phase CNeedTreq: phase: protocol
phase er
> ror: read in state CNeedTreq
> 9: read 4093 in phase CRelay yields phase CRelay: phase: protocol phase
error: r
> ead in state CNeedTreq
> 9: write 0 in phase CNeedTreq yields phase CNeedTreq: toosmall 141
> 9: write 0 in phase CRelay yields phase CRelay: toosmall 141
> 9: failure bad key
> 9: write 141 in phase CNeedTreq yields phase CNeedTreq: failure bad key
> 9: write 141 in phase CRelay yields phase CRelay: failure bad key
> mount: mount /n/tor: attach -- unknown user or failed authentication
>
>
> Oh..and to answer Presto's suggestion:
>
>
> vampira# ndb/csquery
> > net!$auth!ticket
> /net/il/clone 9.3.61.105!566!fasttimeout
> /net/tcp/clone 9.3.61.105!567
> /net/il/clone 9.3.61.105!566
> (105 is the auth server)
>
> -eric
>
>
>

next prev parent reply	other threads:[~2002-05-07  9:30 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-05-07  1:03 Russ Cox
2002-05-07 15:10 ` Eric Van Hensbergen
2002-05-07  9:30   ` plan9 [this message]
  -- strict thread matches above, loose matches on Subject: below --
2002-05-07 16:20 rsc
2002-05-07 17:26 ` Eric Van Hensbergen
2002-05-07 15:18 Russ Cox
2002-05-07 15:49 ` Eric Van Hensbergen
2002-05-07  1:17 presotto
2002-05-07  0:57 Eric Van Hensbergen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='00ba01c1f5a9$d6a4fea0$fdffa8c0@itic.ca' \
    --to=plan9@itic.ca \
    --cc=9fans@cse.psu.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).