Fwd: psql+krb5

--0016e6d784ee7840540479919ac2
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: quoted-printable

---------- Forwarded message ----------
From: rahimeh khodadadi <rahimeh.khodadadi [at] gmail.com>
Date: 2009/11/29
Subject: Re: psql+krb5
To: Denis Feklushkin <denis.feklushkin [at] gmail.com>


These items have added after my sending.

I repeat again my configurations:


*
1) The configuration of krb5.conf is:
[realms]
EXAMPLE.COM <http://example.com/> =3D{

kdc=3Dstar :88
admin_server=3Dstar:749
default_domain=3D example.com
}
......*

2) Then, I created principal as* " postgres/star [at] EXAMPLE.COM "* and its
password is saved in* '/usr/local/pgsql/data/postgresql.keytab' .*


(star is localhost IP, but in hosts.conf I configure like: 213.233.169.93
star)

3) I setup *postgresql.conf *as below:

krb_server_keyfile =3D '/usr/local/pgsql/data/
postgresql.keytab'
krb_srvname =3D 'postgres/star [at] EXAMPLE.COM'

krb_server_hostname =3D 'star' # empty string matches any keytab en=
try
krb_caseins_users =3D off

4) I *create user "frank"* in Psql .

5) Then I set up* hba.conf :*

host all all 0.0.0.0/0 krb5
host all all 127.0.0.1/32 krb5


When I want to connect to Postgresql, it gives error.

# *kinit frank*

[root [at] star bin]# *./psql -h star -U frank -d test*

psql: *krb5_sendauth: Bad application version was sent (via sendauth)*

I should mention that * both postgresql server and krb-server are in same
system* and* my IP is acquring from dhcp server of university*. Where is
wrong.

2009/11/29 Denis Feklushkin <denis.feklushkin [at] gmail.com>

> On Sun, 29 Nov 2009 14:23:52 +0330
> rahimeh khodadadi <rahimeh.khodadadi [at] gmail.com> wrote:
>
> > Thanks for your replying. My detail of configuration is:
> >
> > I try to setup kerberos authentication in Postgresql 8.1.18 on centos.
> >
> > But I have some problem.
> >
> > 1) The configuration of krb5.conf is:
> > [realms]
> > EXAMPLE.COM <http://example.com/><http://EXAMPLE.COM
> > <http://example.com/>> =3D{
> >
> > kdc=3Dstar :88
> > admin_server=3Dstar:749
> > default_domain=3D example.com<http://example.com
> > >
> > > >
> > > }
> > > .....
> > >
> > > 2) Then, I created principal as " postgres/star [at] EXAMPLE.COM<mailto:
> > > star [at] EXAMPLE.COM> " and its password is saved in
> > > '/usr/local/pgsql/data/postgresql.keytab' .
> > >
> > >
> > > (star is localhost IP, but in hosts.conf I configure like:
> > > 213.233.169.93 star)
> > >
> > > 3) I setup postgresql.conf as below:
> > >
> > > krb_server_keyfile =3D '/usr/local/pgsql/data/
> > > postgresql.keytab'
> > > krb_srvname =3D 'postgres/star [at] EXAMPLE.COM<mailto:star [at] EXAMPLE.COM>'
> > >
> > > krb_server_hostname =3D 'star' # empty string matches any
> > > keytab entry
> > > krb_caseins_users =3D off
> > >
> > > 4) I create user "frank" in Psql .
> > >
> > > 5) Then I set up hba.conf :
> > >
> > > host all all 0.0.0.0/0<http://0.0.0.0/0>
> > > krb5
> > > host all all 127.0.0.1/32<http://127.0.0.1/32>
> > > krb5
> > >
> > >
> > > When I want to connect to Postgresql, it gives error.
> > >
> > > # kinit frank
> > >
> > > [root [at] star bin]# ./psql -h star -U frank -d test
> > >
> > > psql: krb5_sendauth: Bad application version was sent (via sendauth)
> > >
> >
> > some changes in users gives below error :
> > "[root [at] www bin]# ./psql -h 213.233.168.249 -U postgres
> > psql: Kerberos 5 authentication rejected: Wrong principal in
> > request"
> >
> >
> > > I should mention that both postgresql server and krb-server are in
> > > same system and my IP is acquring from dhcp server of university.
> > > Where is wrong.
> > >
> >
> >
> >
> > 2009/11/29 Denis Feklushkin <denis.feklushkin [at] gmail.com>
> >
> > > On Sun, 29 Nov 2009 10:48:30 +0330
> > > rahimeh khodadadi <rahimeh.khodadadi [at] gmail.com> wrote:
> > >
> > > > Hi,
> > > >
> > > > When I want to connect to psql via krb5 in Linux, it gives me
> > > > error like: "[root [at] www bin]# ./psql -h 213.233.168.249 -U
> > > > postgres psql: Kerberos 5 authentication rejected: Wrong
> > > > principal in request"
> > >
> > > =FE=D4=CF =D7 =CC=CF=C7=C1=C8 KDC?
> ^^^^^^^^^^^^^^^^ !!!
>
> =E9 =C5=DD=A3, =D7 =D4=C5=CB=D3=D4=C5 =CB=CF=D4=CF=D2=D9=CA =F7=D9 =C4=C1=
=CC=C9 =D7=D3=D4=D2=C5=DE=C1=C0=D4=D3=D1 =D0=D2=CF=C2=C5=CC=D9 =D7 =C9=CD=
=C5=CE=C1=C8
> =D0=D2=C9=CE=C3=C9=D0=C1=CC=CF=D7 =C9 =D3=D4=D2=C1=CE=CE=D9=C5 =DA=C1=D0=
=C9=D3=C9 "<mailto:star [at] EXAMPLE.COM>"
>
> =F0=D2=C9 =CE=C1=D3=D4=D2=CF=CA=CB=C5 =D7=C1=D6=CE=CF =DE=D4=CF=C2=D9 =CE=
=C9=DE=C5=C7=CF =DC=D4=CF=C7=CF =CE=C5=C2=D9=CC=CF
>



--
With Best Regards
Miss.KHodadadi



--
With Best Regards
Miss.KHodadadi

--0016e6d784ee7840540479919ac2
Content-Type: text/html; charset=KOI8-R
Content-Transfer-Encoding: quoted-printable

<br><br><div class=3D"gmail_quote">---------- Forwarded message ----------<=
br>From: <b class=3D"gmail_sendername">rahimeh khodadadi</b> <span dir=3D"l=
tr"><<a href=3D"mailto:rahimeh.khodadadi [at] gmail.com">rahimeh.khodadadi [at] gm=
ail.com</a>></span><br>
Date: 2009/11/29<br>Subject: Re: psql+krb5<br>To: Denis Feklushkin <<a h=
ref=3D"mailto:denis.feklushkin [at] gmail.com">denis.feklushkin [at] g mail.com</a>>=
;<br><br><br>These items have added after my sending. <br>=9A<br>I repeat a=
gain my configurations:<br>
=9A<br><font size=3D"2"><br><b><div class=3D"im">1) The configuration of=9A=
krb5.conf is:<br>=9A[realms]<br></div>=9A=9A <a href=3D"http://example.com=
/" target=3D"_blank">EXAMPLE.COM</a> =3D{<div class=3D"im"><br>

=9A=9A=9A=9A kdc=3Dstar :88<br>=9A=9A=9A=9A admin_server=3Dstar:749<br>=9A=
=9A=9A=9A default_domain=3D <a href=3D"http://example.com/" target=3D"_blan=
k">example.com</a><br>}<br></div>.....</b><br><br>2) Then, I created princi=
pal as<b> "=9A postgres/<a href=3D"mailto:star [at] EXAMPLE.COM" target=3D"=
_blank">star [at] EXAMPLE.COM</a> "</b> and its password is saved in<b> =
9;/usr/local/pgsql/data/postgresql.keytab' .</b><div class=3D"im">
<br>

<br>(star is localhost IP, but in hosts.conf I configure like: 213.233.169.=
93 =9A star)<br><br>3) I setup <b>postgresql.conf </b>as below:<br><br>krb_=
server_keyfile =3D '/usr/local/pgsql/data/</div></font><div><font size=
=3D"2">
postgresql.keytab'<br>
krb_srvname =3D 'postgres/<a href=3D"mailto:star [at] EXAMPLE.COM" target=3D=
"_blank">star [at] EXAMPLE.COM</a>'<div class=3D"im"><br>krb_server_hostname=
=3D 'star'=9A=9A =9A =9A=9A=9A # empty string matches any keytab e=
ntry<br>krb_caseins_users =3D off <br>


<br>4) I <b>create user "frank"</b>=9A in Psql .<br><br>5) Then I=
set up<b> hba.conf :</b><br><br></div>host=9A=9A=9A all=9A=9A=9A=9A=9A=9A=
=9A=9A all=9A=9A=9A=9A=9A=9A=9A=9A <a href=3D"http://0.0.0.0/0" target=3D"_=
blank">0.0.0.0/0</a>=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A=9A krb5 <br>
host=9A=9A=9A all=9A=9A=9A=9A=9A=9A=9A=9A all=9A=9A=9A=9A=9A=9A=9A=9A <a hr=
ef=3D"http://127.0.0.1/32" target=3D"_blank">127.0.0.1/32</a>=9A=9A=9A=9A=
=9A=9A=9A=9A=9A=9A krb5<div class=3D"im"><br>

<br>
When I want to connect to Postgresql, it gives error. <br><br># <b>kinit fr=
ank</b><br><br>[root [at] star bin]# <b>./psql -h star=9A -U frank=9A -d test</b=
></div></font><div class=3D"im">



<div><font size=3D"2"><br>psql: <b>krb5_sendauth: Bad application version w=
as sent (via sendauth)</b><br><br></font>
</div></div><div><div></div><div class=3D"h5"><font size=3D"2">I should men=
tion that=9A<b> both postgresql server and krb-server are in same system</b=
> and<b> my IP is acquring from dhcp server=9A of university</b>.=9A Where =
is wrong. <br>
</font></div></div></div><div><div></div><div class=3D"h5"><br><div class=
=3D"gmail_quote">
2009/11/29 Denis Feklushkin <span dir=3D"ltr"><<a href=3D"mailto:denis.f=
eklushkin [at] gmail.com" target=3D"_blank">denis.feklushkin [at] gmail.com</a>></=
span><br><blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid =
rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">

On Sun, 29 Nov 2009 14:23:52 +0330<br>
<div>rahimeh khodadadi <<a href=3D"mailto:rahimeh.khodadadi [at] gmail.com" t=
arget=3D"_blank">rahimeh.khodadadi [at] gmail.com</a>> wrote:<br>
<br>
</div><div>> Thanks for your replying. My detail of configuration is:<br=
>
><br>
> I try to setup kerberos authentication in Postgresql 8.1.18 on centos.=
<br>
><br>
> But I have some problem.<br>
><br>
> 1) The configuration of =9Akrb5.conf is:<br>
> =9A[realms]<br>
</div>> =9A <a href=3D"http://EXAMPLE.COM" target=3D"_blank">EXAMPLE.COM=
</a> <<a href=3D"http://example.com/" target=3D"_blank">http://example.c=
om/</a>><<a href=3D"http://EXAMPLE.COM" target=3D"_blank">http://EXAM=
PLE.COM</a><br>


> <<a href=3D"http://example.com/" target=3D"_blank">http://example.c=
om/</a>>> =3D{<br>
<div><div></div><div>><br>
> =9A =9A kdc=3Dstar :88<br>
> =9A =9A admin_server=3Dstar:749<br>
> =9A =9A default_domain=3D <a href=3D"http://example.com" target=3D"_bl=
ank">example.com</a><<a href=3D"http://example.com" target=3D"_blank">ht=
tp://example.com</a><br>
> ><br>
> > ><br>
> > }<br>
> > .....<br>
> ><br>
> > 2) Then, I created principal as " =9Apostgres/<a href=3D"mai=
lto:star [at] EXAMPLE.COM" target=3D"_blank">star [at] EXAMPLE.COM</a><mailto:<br>
> > <a href=3D"mailto:star [at] EXAMPLE.COM" target=3D"_blank">star [at] EXAMPL=
E.COM</a>> " and its password is saved in<br>
> > '/usr/local/pgsql/data/postgresql.keytab' .<br>
> ><br>
> ><br>
> > (star is localhost IP, but in hosts.conf I configure like:<br>
> > 213.233.169.93 star)<br>
> ><br>
> > 3) I setup postgresql.conf as below:<br>
> ><br>
> > krb_server_keyfile =3D '/usr/local/pgsql/data/<br>
> > postgresql.keytab'<br>
> > krb_srvname =3D 'postgres/<a href=3D"mailto:star [at] EXAMPLE.COM"=
target=3D"_blank">star [at] EXAMPLE.COM</a><mailto:<a href=3D"mailto:star [at] EX=
AMPLE.COM" target=3D"_blank">star [at] EXAMPLE.COM</a>>'<br>
> ><br>
> > krb_server_hostname =3D 'star' =9A =9A =9A =9A # empty st=
ring matches any<br>
> > keytab entry<br>
> > krb_caseins_users =3D off<br>
> ><br>
> > 4) I create user "frank" =9Ain Psql .<br>
> ><br>
> > 5) Then I set up hba.conf :<br>
> ><br>
> > host =9A =9Aall =9A =9A =9A =9A all =9A =9A =9A =9A <a href=3D"ht=
tp://0.0.0.0/0" target=3D"_blank">0.0.0.0/0</a><<a href=3D"http://0.0.0.=
0/0" target=3D"_blank">http://0.0.0.0/0</a>><br>
> > =9Akrb5<br>
> > host =9A =9Aall =9A =9A =9A =9A all =9A =9A =9A =9A <a href=3D"ht=
tp://127.0.0.1/32" target=3D"_blank">127.0.0.1/32</a><<a href=3D"http://=
127.0.0.1/32" target=3D"_blank">http://127.0.0.1/32</a>><br>
> > =9A krb5<br>
> ><br>
> ><br>
> > When I want to connect to Postgresql, it gives error.<br>
> ><br>
> > # kinit frank<br>
> ><br>
> > [root [at] star bin]# ./psql -h star =9A-U frank =9A-d test<br>
> ><br>
> > psql: krb5_sendauth: Bad application version was sent (via sendau=
th)<br>
> ><br>
><br>
> some changes in users gives below error :<br>
> "[root [at] www bin]# ./psql -h 213.233.168.249 =9A-U postgres<br>
> =9A psql: Kerberos 5 authentication rejected: =9AWrong principal in<br=
>
> request"<br>
><br>
><br>
> > I should mention that =9Aboth postgresql server and krb-server ar=
e in<br>
> > same system and my IP is acquring from dhcp server =9Aof universi=
ty.<br>
> > Where is wrong.<br>
> ><br>
><br>
><br>
><br>
> 2009/11/29 Denis Feklushkin <<a href=3D"mailto:denis.feklushkin [at] gma=
il.com" target=3D"_blank">denis.feklushkin [at] gmail.com</a>><br>
><br>
> > On Sun, 29 Nov 2009 10:48:30 +0330<br>
> > rahimeh khodadadi <<a href=3D"mailto:rahimeh.khodadadi [at] gmail.c=
om" target=3D"_blank">rahimeh.khodadadi [at] gmail.com</a>> wrote:<br>
> ><br>
> > > Hi,<br>
> > ><br>
> > > When I want to connect to psql via krb5 in Linux, it gives m=
e<br>
> > > error like: "[root [at] www bin]# ./psql -h 213.233.168.249 =
=9A-U<br>
> > > postgres psql: Kerberos 5 authentication rejected: =9AWrong<=
br>
> > > principal in request"<br>
> ><br>
> > =FE=D4=CF =D7 =CC=CF=C7=C1=C8 KDC?<br>
</div></div> =9A =9A^^^^^^^^^^^^^^^^ !!!<br>
<br>
=E9 =C5=DD=A3, =D7 =D4=C5=CB=D3=D4=C5 =CB=CF=D4=CF=D2=D9=CA =F7=D9 =C4=C1=
=CC=C9 =D7=D3=D4=D2=C5=DE=C1=C0=D4=D3=D1 =D0=D2=CF=C2=C5=CC=D9 =D7 =C9=CD=
=C5=CE=C1=C8<br>
=D0=D2=C9=CE=C3=C9=D0=C1=CC=CF=D7 =C9 =D3=D4=D2=C1=CE=CE=D9=C5 =DA=C1=D0=C9=
=D3=C9 "<mailto:<a href=3D"mailto:star [at] EXAMPLE.COM" target=3D"_blan=
k">star [at] EXAMPLE.COM</a>>"<br>
<br>
=F0=D2=C9 =CE=C1=D3=D4=D2=CF=CA=CB=C5 =D7=C1=D6=CE=CF =DE=D4=CF=C2=D9 =CE=
=C9=DE=C5=C7=CF =DC=D4=CF=C7=CF =CE=C5=C2=D9=CC=CF<br>
</blockquote></div><br><br clear=3D"all"><br></div></div><div><div></div><d=
iv class=3D"h5">-- <br>With Best Regards<br>Miss.KHodadadi<br>
</div></div></div><br><br clear=3D"all"><br>-- <br>With Best Regards<br>Mis=
s.KHodadadi<br>

--0016e6d784ee7840540479919ac2--
rahimeh khodadadi [ Mo, 30 November 2009 08:29 ] [ ID #2024381 ]
Datenbanken » gmane.comp.db.postgresql.odbc » Fwd: psql+krb5

Vorheriges Thema: [ psqlodbc-Bugs-1010735 ] Error on method Fields using client side recordset
Nächstes Thema: odbc driver leaks memory when connection failed

[ Startseite ] [ Administrator ] [ Suche ] [ Hinweise ] [ Impressum ]

Powered by FudForum