Problem with testsaslauthd and kerberos5 ("saslauthd internal error")

Posted by danorton on Server Fault See other posts from Server Fault or by danorton
Published on 2011-02-27T15:06:46Z Indexed on 2011/02/27 15:26 UTC
Read the original article Hit count: 344

Filed under:
|
|
|

The error message “saslauthd internal error” seems like a catch-all for saslauthd, so I’m not sure if it’s a red herring, but here’s the brief description of my problem:

This Kerberos command works fine:

$ echo getprivs | kadmin -p username -w password
Authenticating as principal username with password.
kadmin:  getprivs
current privileges: GET ADD MODIFY DELETE

But this SASL test command fails:

$ testsaslauthd -u username -p password
0: NO "authentication failed"

saslauthd works fine with "-a sasldb", but the above is with "-a kerberos5"

This is the most detail I seem to be able to get from saslauthd:

saslauthd[]: auth_krb5: krb5_get_init_creds_password: -1765328353
saslauthd[]: do_auth : auth failure: [user=username] [service=imap]
                 [realm=] [mech=kerberos5] [reason=saslauthd internal error]

Kerberos seems happy:

krb5kdc[](info): AS_REQ (4 etypes {18 17 16 23}) 127.0.0.1:
                 ISSUE: authtime 1298779891, etypes {rep=18 tkt=18 ses=18},
                 username at REALM for krbtgt/DOMAIN at REALM

I’m running Ubuntu 10.04 (lucid) with the latest updates, namely:

  • Kerberos 5 release 1.8.1
  • saslauthd 2.1.23

Thanks for any clues.

© Server Fault or respective owner

Related posts about linux

Related posts about security