当我尝试使用 heimdal-kdc 进行身份验证时,在 kdc 日志中收到此错误:
(enctype aes256-cts-hmac-sha1-96) error Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
并且验证失败!!!
但使用 kinit 的身份验证是正确的!!
我的 kerb5.conf 是
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
krb5 = FILE:/var/log/krb5.log
[libdefaults]
default_realm = AUTH.LANGHUA
clockskew = 300
[realms]
AUTH.LANGHUA = {
kdc = AUTH.LANGHUA
}
[domain_realm]
.langhua = AUTH.LANGHUA
[kdc]
并将此行添加到 krb5.conf (在 kdc 标签中)
require-preauth = no
我收到这个错误
krb5_get_init_creds: Client have no reply key