* Re: [9fans] Mail on cpu/auth server
@ 2001-06-05 4:23 Jonathan Sergent
0 siblings, 0 replies; 3+ messages in thread
From: Jonathan Sergent @ 2001-06-05 4:23 UTC (permalink / raw)
To: 9fans
[-- Attachment #1: Type: text/plain, Size: 404 bytes --]
changeuser doesn't edit the keys file directly; it uses keyfs.
Probably rewhack your auth server by losing the keys file and try
again. Make sure keyfs is actually decrypting the keys file
correctly. If the password you give at boot is wrong, it won't
be able to do this. ("Wrong" means "not the same key that it waas
using when it wrote the file".) Look in your logs for messages from
keyfs.
[-- Attachment #2: Type: message/rfc822, Size: 2159 bytes --]
From: Ish Rattan <ishwar@pali.cps.cmich.edu>
To: <9fans@cse.psu.edu>
Subject: Re: [9fans] Mail on cpu/auth server
Date: Mon, 4 Jun 2001 14:24:51 -0400 (EDT)
Message-ID: <Pine.LNX.4.30.0106041419420.22193-100000@pali.cps.cmich.edu>
On Mon, 4 Jun 2001, Jonathan Sergent wrote:
> On Monday, June 4, 2001, at 09:33 AM, Ish Rattan wrote:
>
> > I see the follwing messages in /sys/log/cron
> >
> > host Jun 4 06:52:04 upas: key not found
> >
> > similar message generated every 10 minutes. What key is it referring to?
>
> The one for upas. auth/changeuser upas to give it a key so that cron
> can authenticate as upas. cron must run only on your auth server so
> that it can authenticate as the right user. It does an rx to the target
> host to run the command.
An attempt to use auth/changeuser upas
Passord:
Confirm ..:
keysfs: bad status key in file
...
6 keys read
Post id:
Did 3/27/01 upgrade has anything to do with it?
Also, what happens if I just remove adm/keys and /adm/keys.who and
recreate them with auth/changeuser???
- ishwar
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [9fans] Mail on cpu/auth server
2001-06-04 18:24 ` [9fans] Mail " Ish Rattan
@ 2001-06-05 8:26 ` Alexander Povolotsky
0 siblings, 0 replies; 3+ messages in thread
From: Alexander Povolotsky @ 2001-06-05 8:26 UTC (permalink / raw)
To: 9fans
When I am creating a new user (say guest) using auth/changeuser I could see
this message Ishwar mentioned:
keysfs: bad status key in file
But at least it creates the keyfile and creates the password ...
For already existant users (glenda, adm, sys etc ) I somehow lost keys at
some point (do not remember exactly how ...)
and now if I am trying to recreate keys for those users using
auth/changeuser - it fails with the error message:
changeuser: can't create user "such and such": access permission denied.
By the way, I do not have password set for those preexistant ones - how I
could set password for those ?
So, anyway, now I could reboot the system and log as guest with supplying
the password ...
Ok, I am looged in ...
Running auth/keyfs -p
Password: <such and such>
Works ...kind of ... but with the warning again: bad status in key file ...
Ok ... going further ...
aux/listen tcp
auth/listen -t /rc/bin/service.auth
No errors or warnings ...
Now I am starting the drawterm on my Solaris machine:
yarmouth$ drawterm -a 135.17.241.14 -c 135.17.241.14
default depth=8
yarmouth$ !!
drawterm -a 135.17.241.14 -c 135.17.241.14
default depth=8
The drawterm window shows up with user "none" - changing to guest ..
Supplying the password ...
Getting ...
?AS protocol botch: file does not exist.
Any hints ?
"Ish Rattan" <ishwar@pali.cps.cmich.edu> wrote in message
news:Pine.LNX.4.30.0106041419420.22193-100000@pali.cps.cmich.edu...
> On Mon, 4 Jun 2001, Jonathan Sergent wrote:
>
> > On Monday, June 4, 2001, at 09:33 AM, Ish Rattan wrote:
> >
> > > I see the follwing messages in /sys/log/cron
> > >
> > > host Jun 4 06:52:04 upas: key not found
> > >
> > > similar message generated every 10 minutes. What key is it referring
to?
> >
> > The one for upas. auth/changeuser upas to give it a key so that cron
> > can authenticate as upas. cron must run only on your auth server so
> > that it can authenticate as the right user. It does an rx to the target
> > host to run the command.
> An attempt to use auth/changeuser upas
> Passord:
> Confirm ..:
> keysfs: bad status key in file
> ...
> 6 keys read
> Post id:
>
> Did 3/27/01 upgrade has anything to do with it?
>
> Also, what happens if I just remove adm/keys and /adm/keys.who and
> recreate them with auth/changeuser???
>
> - ishwar
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [9fans] Mail on cpu/auth server
2001-06-04 17:17 [9fans] Mial " Jonathan Sergent
@ 2001-06-04 18:24 ` Ish Rattan
2001-06-05 8:26 ` Alexander Povolotsky
0 siblings, 1 reply; 3+ messages in thread
From: Ish Rattan @ 2001-06-04 18:24 UTC (permalink / raw)
To: 9fans
On Mon, 4 Jun 2001, Jonathan Sergent wrote:
> On Monday, June 4, 2001, at 09:33 AM, Ish Rattan wrote:
>
> > I see the follwing messages in /sys/log/cron
> >
> > host Jun 4 06:52:04 upas: key not found
> >
> > similar message generated every 10 minutes. What key is it referring to?
>
> The one for upas. auth/changeuser upas to give it a key so that cron
> can authenticate as upas. cron must run only on your auth server so
> that it can authenticate as the right user. It does an rx to the target
> host to run the command.
An attempt to use auth/changeuser upas
Passord:
Confirm ..:
keysfs: bad status key in file
...
6 keys read
Post id:
Did 3/27/01 upgrade has anything to do with it?
Also, what happens if I just remove adm/keys and /adm/keys.who and
recreate them with auth/changeuser???
- ishwar
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2001-06-05 8:26 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2001-06-05 4:23 [9fans] Mail on cpu/auth server Jonathan Sergent
-- strict thread matches above, loose matches on Subject: below --
2001-06-04 17:17 [9fans] Mial " Jonathan Sergent
2001-06-04 18:24 ` [9fans] Mail " Ish Rattan
2001-06-05 8:26 ` Alexander Povolotsky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).