From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <074bb025ba29b7d040edb01698e80ba9@quintile.net> References: <074bb025ba29b7d040edb01698e80ba9@quintile.net> Date: Thu, 22 Jul 2010 08:41:57 -0700 Message-ID: From: Akshat Kumar To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [9fans] aquarela woes Topicbox-Message-UUID: 4237f0d4-ead6-11e9-9d60-3106f5b1d025 RE: aquarela I think the problem is in my setup of interfaces and stacks on the CPU/Auth server; I've been unable to yet properly setup the two interfaces - local and external - of the CPU/Auth server to play in conjunction with each other. So it's possible that it's trying to connect to the auth server on the internal IP, which is unreachable once I bind the external stack over the internal stack in /net. I'm not sure what the fix is... On Thu, Jul 22, 2010 at 1:50 AM, Steve Simon wrote: >> smbnegotiate: 'NT LM 0.12' >> smbnegotiate: couldn't get mschap challenge >> reply: error 2/1 > > Re: aquarela > > I don't use aquarela these days, but I think the problem is > to do with aquarela being unable to contact keyfs. > > aquarela must be started on your server after keyfs, I run it > on my work terminal/fs/auth/cpu all-in-one server and it is > envoked in /cfg/$sysname/termrc after keyfs (starting keyfs > and aquarela in termrc is very unusual but as I said I have > an all in one box). > > check how it is started. > > RE cifs > > BTW, I am interested if you have problems with cifs. > > I know there a bug in the default ntlmv2 auth when working with Vista > (and probably windows 7 too), but if you fall back to less secure > auth on the wire (e.g. by adding -a ntlm to the cifs command line) > then it works. > > Windows auth is a mess, and kerberos with asn.1 is ugly. > > -Steve > >