From nobody Thu Dec 15 18:15:49 2022 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NY0ln6ytKz4l1s1 for ; Thu, 15 Dec 2022 18:15:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NY0ln5tZYz3xZG for ; Thu, 15 Dec 2022 18:15:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1671128149; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=uMce9Qm/E4osEjxu3b6lLjIA/M7mq5O9kia45/WsVBM=; b=OHcuN+LEkzX2Hqt5jQ4Y8cb/C1MteBZoTypxqrQTRhRhBOKUT1Uoe3bbnQKREoyhbOw4Z+ cUlnkKKCwoOFJ1ID5J9twoXvDNb3hRFjlHoq4OCKugCxtPIS/lGrJMAZ++bzs5RkfwUW5e UpQ/xsV7Tb0anWuiVHwJlS+skp8EdPbohSzzZQWSnDVTEnms7jaKQJCOWxf/1uCEPm7rZS zwPtyth6u7mz4UMq6h3WJZUkDtn1iykC/RQjTIy8k4dmFVh5Rh8+iyM9yzzEJtmlt8iUjV 26maH9SWaHhQAZ2Za7VT7XyG4FP63X59jAb8YfRWOMvme4RfoXTi/5zyf2iU9g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1671128149; a=rsa-sha256; cv=none; b=WRGrqFN/GS0RScdMqrMz34yagcCjxqE4qR/EaD7sPQe8/icPx93xYuUW8ptEAF9piQ5G9c tKXtwGqiTrb/m+0MY4U6d1B+CuVm6MPzejDVCMTXhD0FSkpB6h9aF23bZV8Sdkqzu8HDNf gx65Dcvqlp4UcFgtDX01l4ps69oUQqLroZe3HggyqVLtXp1N2W7EEOhZh/OMh0dSZt0eeB thEiB7MMF5mx7ytYJpR1DG88y0/fZTCeCLdexhJo46KyGoJhHBNFNIvtvRJ9A1e7CsDRqD nV13nwxoEQfGV1/tHXvfCzb/pX9gb2RDcYFSiL+hrkcmTSYIA027aQ6b6YtrkA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4NY0ln4rtDzjD8 for ; Thu, 15 Dec 2022 18:15:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 2BFIFnYU018598 for ; Thu, 15 Dec 2022 18:15:49 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 2BFIFnRY018597 for bugs@FreeBSD.org; Thu, 15 Dec 2022 18:15:49 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 268186] Kerberos authentication fails with a Linux/FreeIPA KDC Date: Thu, 15 Dec 2022 18:15:49 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: amendlik@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D268186 --- Comment #23 from amendlik@gmail.com --- (In reply to Cy Schubert from comment #22) I'm having some trouble understanding these log messages. Is this from the client or the server? It seems like you are providing evidence that sshd wo= rks fine with encryption type 20 if the ticket was issued from a FreeBSD KDC, b= ut if the ticket was issued by FreeIPA, it says encryption type 20 is not supported. Is that correct? I could understand if it could not process an improperly formed ticket. But messages saying "type 20 is not supported" and "type 20 works fine" from the same server doesn't make much sense. --=20 You are receiving this mail because: You are the assignee for the bug.=