API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 26th, 2017
572
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.65 KB | None | 0 0
raw download clone embed print report
  1. fre@fre:~$ klist
  2. klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_1000)
  3. fre@fre:~$ kinit
  4. Password for fre@KHM.LAN:
  5. fre@fre:~$ klist -f
  6. Ticket cache: FILE:/tmp/krb5cc_1000
  7. Default principal: fre@KHM.LAN
  8.  
  9. Valid starting Expires Service principal
  10. 05/18/10 23:58:50 05/19/10 09:58:50 krbtgt/KHM.LAN@KHM.LAN
  11. renew until 05/19/10 23:58:49, Flags: RIA
  12. fre@fre:~$ ssh -vvv -p22 krb.khm.lan
  13. OpenSSH_5.1p1 Debian-6ubuntu2, OpenSSL 0.9.8k 25 Mar 2009
  14. debug1: Reading configuration data /etc/ssh/ssh_config
  15. debug1: Applying options for *
  16. debug2: ssh_connect: needpriv 0
  17. debug1: Connecting to krb.khm.lan [192.168.0.152] port 22.
  18. debug1: Connection established.
  19. debug1: identity file /home/fre/.ssh/identity type -1
  20. debug1: identity file /home/fre/.ssh/id_rsa type -1
  21. debug1: identity file /home/fre/.ssh/id_dsa type -1
  22. debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-6ubuntu2
  23. debug1: match: OpenSSH_5.1p1 Debian-6ubuntu2 pat OpenSSH*
  24. debug1: Enabling compatibility mode for protocol 2.0
  25. debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-6ubuntu2
  26. debug2: fd 3 setting O_NONBLOCK
  27. debug1: Offering GSSAPI proposal: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-gex-sha1-A/vxljAEU54gt9a48EiANQ==,gss-group1-sha1-A/vxljAEU54gt9a48EiANQ==,gss-group14-sha1-A/vxljAEU54gt9a48EiANQ==,gss-gex-sha1-bontcUwnM6aGfWCP21alxQ==,gss-group1-sha1-bontcUwnM6aGfWCP21alxQ==,gss-group14-sha1-bontcUwnM6aGfWCP21alxQ==
  28. debug1: SSH2_MSG_KEXINIT sent
  29. debug1: SSH2_MSG_KEXINIT received
  30. debug2: kex_parse_kexinit: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-gex-sha1-A/vxljAEU54gt9a48EiANQ==,gss-group1-sha1-A/vxljAEU54gt9a48EiANQ==,gss-group14-sha1-A/vxljAEU54gt9a48EiANQ==,gss-gex-sha1-bontcUwnM6aGfWCP21alxQ==,gss-group1-sha1-bontcUwnM6aGfWCP21alxQ==,gss-group14-sha1-bontcUwnM6aGfWCP21alxQ==,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  31. debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,null
  32. debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
  33. debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
  34. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  35. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  36. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  37. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  38. debug2: kex_parse_kexinit:
  39. debug2: kex_parse_kexinit:
  40. debug2: kex_parse_kexinit: first_kex_follows 0
  41. debug2: kex_parse_kexinit: reserved 0
  42. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  43. debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
  44. debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
  45. debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
  46. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  47. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  48. debug2: kex_parse_kexinit: none,zlib@openssh.com
  49. debug2: kex_parse_kexinit: none,zlib@openssh.com
  50. debug2: kex_parse_kexinit:
  51. debug2: kex_parse_kexinit:
  52. debug2: kex_parse_kexinit: first_kex_follows 0
  53. debug2: kex_parse_kexinit: reserved 0
  54. debug2: mac_setup: found hmac-md5
  55. debug1: kex: server->client aes128-cbc hmac-md5 none
  56. debug2: mac_setup: found hmac-md5
  57. debug1: kex: client->server aes128-cbc hmac-md5 none
  58. debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  59. debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  60. debug2: dh_gen_key: priv key bits set: 128/256
  61. debug2: bits set: 510/1024
  62. debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  63. debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  64. debug3: check_host_in_hostfile: filename /home/fre/.ssh/known_hosts
  65. debug3: check_host_in_hostfile: match line 2
  66. debug3: check_host_in_hostfile: filename /home/fre/.ssh/known_hosts
  67. debug3: check_host_in_hostfile: match line 3
  68. debug1: Host 'krb.khm.lan' is known and matches the RSA host key.
  69. debug1: Found key in /home/fre/.ssh/known_hosts:2
  70. debug2: bits set: 521/1024
  71. debug1: ssh_rsa_verify: signature correct
  72. debug2: kex_derive_keys
  73. debug2: set_newkeys: mode 1
  74. debug1: SSH2_MSG_NEWKEYS sent
  75. debug1: expecting SSH2_MSG_NEWKEYS
  76. debug2: set_newkeys: mode 0
  77. debug1: SSH2_MSG_NEWKEYS received
  78. debug1: SSH2_MSG_SERVICE_REQUEST sent
  79. debug2: service_accept: ssh-userauth
  80. debug1: SSH2_MSG_SERVICE_ACCEPT received
  81. debug2: key: /home/fre/.ssh/identity ((nil))
  82. debug2: key: /home/fre/.ssh/id_rsa ((nil))
  83. debug2: key: /home/fre/.ssh/id_dsa ((nil))
  84. debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
  85. debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
  86. debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
  87. debug3: authmethod_lookup gssapi-keyex
  88. debug3: remaining preferred: gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
  89. debug3: authmethod_is_enabled gssapi-keyex
  90. debug1: Next authentication method: gssapi-keyex
  91. debug1: No valid Key exchange context
  92. debug2: we did not send a packet, disable method
  93. debug3: authmethod_lookup gssapi-with-mic
  94. debug3: remaining preferred: gssapi,publickey,keyboard-interactive,password
  95. debug3: authmethod_is_enabled gssapi-with-mic
  96. debug1: Next authentication method: gssapi-with-mic
  97. debug2: we sent a gssapi-with-mic packet, wait for reply
  98. debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
  99. debug2: we sent a gssapi-with-mic packet, wait for reply
  100. debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
  101. debug2: we sent a gssapi-with-mic packet, wait for reply
  102. debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
  103. debug2: we did not send a packet, disable method
  104. debug3: authmethod_lookup publickey
  105. debug3: remaining preferred: keyboard-interactive,password
  106. debug3: authmethod_is_enabled publickey
  107. debug1: Next authentication method: publickey
  108. debug1: Trying private key: /home/fre/.ssh/identity
  109. debug3: no such identity: /home/fre/.ssh/identity
  110. debug1: Trying private key: /home/fre/.ssh/id_rsa
  111. debug3: no such identity: /home/fre/.ssh/id_rsa
  112. debug1: Trying private key: /home/fre/.ssh/id_dsa
  113. debug3: no such identity: /home/fre/.ssh/id_dsa
  114. debug2: we did not send a packet, disable method
  115. debug3: authmethod_lookup keyboard-interactive
  116. debug3: remaining preferred: password
  117. debug3: authmethod_is_enabled keyboard-interactive
  118. debug1: Next authentication method: keyboard-interactive
  119. debug2: userauth_kbdint
  120. debug2: we sent a keyboard-interactive packet, wait for reply
  121. debug2: input_userauth_info_req
  122. debug2: input_userauth_info_req: num_prompts 1
  123. Password:
  124.  
  125. fre@fre:~$
  126. fre@fre:~$ klist -f
  127. Ticket cache: FILE:/tmp/krb5cc_1000
  128. Default principal: fre@KHM.LAN
  129.  
  130. Valid starting Expires Service principal
  131. 05/18/10 23:58:50 05/19/10 09:58:50 krbtgt/KHM.LAN@KHM.LAN
  132. renew until 05/19/10 23:58:49, Flags: RIA
  133. 05/18/10 23:59:11 05/19/10 09:58:50 host/krb.khm.lan@KHM.LAN
  134. renew until 05/19/10 23:58:49, Flags: RAT
  135. fre@fre:~$
  136.  
  137.  
  138.  
  139. ---------------------------------
  140.  
  141. /var/log/krb/krb5kdc log
  142.  
  143. May 18 23:58:49 fre krb5kdc[2259](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.0.152: NEEDED_PREAUTH: fre@KHM.LAN for krbtgt/KHM.LAN@KHM.LAN, Additional pre-authentication required
  144. May 18 23:58:50 fre krb5kdc[2259](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.0.152: ISSUE: authtime 1274219930, etypes {rep=18 tkt=18 ses=18}, fre@KHM.LAN for krbtgt/KHM.LAN@KHM.LAN
  145. May 18 23:59:11 fre krb5kdc[2259](info): TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.0.152: ISSUE: authtime 1274219930, etypes {rep=18 tkt=18 ses=18}, fre@KHM.LAN for host/krb.khm.lan@KHM.LAN
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!