[Pubcookie-users] Re: login-server - keyclient problem
Breeze Howard
bhoward at acns.fsu.edu
Tue Jan 14 09:21:47 PST 2003
I am also using Solaris 8. Thanks! That fixed it. Now keyclient connects
no problem.
Keyserver is giving me some errors, but I will try and work them out on my
own, before bothering you guys again.
Here are the errors, in case anyone is curious. It seems to create the
DES key anyway, althought I haven't checked the content of it.
Jan 14 12:16:56 wireless keyserver[7701]: [ID 702911 local3.error] verify
error:num=26:unsupported certificate purpose
Jan 14 12:16:56 wireless keyserver[7701]: [ID 702911 local3.error] invalid
purpose; ignoring error!
Thanks again!
-Breeze
----------------------
Breeze Howard
bhoward at acns.fsu.edu
(850) 644-2591
Academic Computing & Networking Services
Florida State University
On Tue, 14 Jan 2003, Jon Miner wrote:
> What OS are you on? My guess would be that the OS can't handle numeric
> ports in inetd.conf.
>
> Look for errors in /var/log/messages or /var/adm/messages or
> /var/log/syslog (whatever is appropriate for your OS.)
>
> You probably need to create an entry is /etc/services. Here are the
> lines I use on Solaris 8:
>
> ---[ /etc/services ]---
> pubkey 2222/tcp
> ---[ /etc/services ]---
>
> ---[ /etc/inetd.conf ]---
> pubkey stream tcp nowait root /usr/local/pubcookie/keyserver keyserver
> ---[ /etc/inetd.conf ]---
>
> (hopefully that line won't wrap, of course there aren't any "\n"s in
> line.)
>
> jon
>
> * Breeze Howard (bhoward at acns.fsu.edu) [030114 07:23]:
> > Still having troubles...
> >
> > Here's the line in my inetd.conf.
> >
> > 2222 stream tcp nowait root /usr/local/pubcookie/keyserver keyserver
> >
> > And here's the program...
> >
> > -rwxr-xr-x 1 root other 963374 Nov 15 11:19 /usr/local/pubcookie/keyserver
> >
> > -Breeze
> > ----------------------
> > Breeze Howard
> > bhoward at acns.fsu.edu
> > (850) 644-2591
> > Academic Computing & Networking Services
> > Florida State University
> >
> > On Mon, 13 Jan 2003, Jon Miner wrote:
> >
> > > And you still get the error? Hmm.. What does your inetd line look
> > > like? (or are you using xinetd?)
> > >
> > > jon
> > >
> > > * Breeze Howard (bhoward at acns.fsu.edu) [030113 16:07]:
> > > >
> > > > I have HUPed and inetd restarted successfully. There is nothing
> > > > blocking that port and I have tried connecting from localhost, so there is
> > > > no firewall in the way...
> > > >
> > > > Thanks for the help, Jon.
> > > > -Breeze
> > > >
> > > > On Mon, 13 Jan 2003, Jon Miner wrote:
> > > >
> > > > > Then the keyserver isn't running..
> > > > >
> > > > > Have you HUPed inetd after adding the line (and did inetd restart
> > > > > successfully?), and/or do you have any sort of firewall that is blocking
> > > > > your requests?
> > > > >
> > > > > jon
> > > > >
> > > > > * Breeze Howard (bhoward at acns.fsu.edu) [030113 10:13]:
> > > > > > Jon,
> > > > > >
> > > > > > I get the same "Connection refused" message...
> > > > > >
> > > > > > cheddar% telnet wireless.fsu.edu 2222
> > > > > > Trying 128.186.6.174...
> > > > > > telnet: Unable to connect to remote host: Connection refused
> > > > > >
> > > > > > -Breeze
> > > > > >
> > > > > > On Fri, 10 Jan 2003, Jon Miner wrote:
> > > > > >
> > > > > > > What do you get when you telnet to port 2222 on the keyserver machine?
> > > > > > >
> > > > > > > jon
> > > > > > >
> > > > > > > * Breeze Howard (bhoward at acns.fsu.edu) [030110 15:02]:
> > > > > > > > Hello,
> > > > > > > >
> > > > > > > > I have almost completed installation of Pubcookie-3.0.0 beta3 Login server
> > > > > > > > on a Sun Fire 280R with Solaris 8. I am to the point where I generate a
> > > > > > > > DES key for the login server.
> > > > > > > >
> > > > > > > > However, when I issue the command I get this error.
> > > > > > > >
> > > > > > > > wireless# /usr/local/pubcookie/keyclient
> > > > > > > > connect: Connection refused
> > > > > > > >
> > > > > > > > The log file shows these messages:
> > > > > > > >
> > > > > > > > Jan 10 14:29:00 wireless keyclient[14286]: [ID 702911 local3.info]
> > > > > > > > security_init : hello
> > > > > > > > Jan 10 14:29:00 wireless keyclient[14286]: [ID 702911 local3.info]
> > > > > > > > security_init : goodbye
> > > > > > > >
> > > > > > > > When I run keyserver manually, it waits for input.
> > > > > > > >
> > > > > > > > wireless# keyserver
> > > > > > > > ^Cwireless#
> > > > > > > >
> > > > > > > > When I run it with an '&' in exits without any error messages.
> > > > > > > >
> > > > > > > > wireless# keyserver &
> > > > > > > > [2] 15175
> > > > > > > > wireless#
> > > > > > > > [2] + Stopped (tty input) keyserver
> > > > > > > >
> > > > > > > > The log file shows these messages for the keyserver:
> > > > > > > >
> > > > > > > > Jan 10 15:55:53 wireless keyserver[15175]: [ID 702911 local3.info]
> > > > > > > > security_init: hello
> > > > > > > > Jan 10 15:55:53 wireless keyserver[15175]: [ID 702911 local3.info]
> > > > > > > > security_init: goodbye
> > > > > > > >
> > > > > > > > I have added the keyserver daemon into /etc/inetd.conf (and HUPped it) and
> > > > > > > > it is not being tcpwrapped.
> > > > > > > >
> > > > > > > > Any ideas?
> > > > > > > >
> > > > > > > > Thanks in Advance,
> > > > > > > > Breeze
> > > > > > > > ----------------------
> > > > > > > > Breeze Howard
> > > > > > > > bhoward at acns.fsu.edu
> > > > > > > > (850) 644-2591
> > > > > > > > Academic Computing & Networking Services
> > > > > > > > Florida State University
> > > > > > > > _______________________________________________
> > > > > > > > Pubcookie-users mailing list
> > > > > > > > Pubcookie-users at u.washington.edu
> > > > > > > > http://mailman.u.washington.edu/mailman/listinfo/pubcookie-users
> > > > > > >
> > > > > > > --
> > > > > > > .Jonathan J. Miner------------------Division of Information Technology.
> > > > > > > |miner at doit.wisc.edu University Of Wisconsin - Madison|
> > > > > > > |608/262.9655 Room 3149 Computer Science|
> > > > > > > `---------------------------------------------------------------------'
> > > > > > >
> > > > > > > Forget it, Marge, it's Chinatown!
> > > > > > > -- Homer Simpson
> > > > > > > Secrets of a Successful Marriage
> > > > > > > (503)
> > > > > > >
> > > > >
> > > > > --
> > > > > .Jonathan J. Miner------------------Division of Information Technology.
> > > > > |miner at doit.wisc.edu University Of Wisconsin - Madison|
> > > > > |608/262.9655 Room 3149 Computer Science|
> > > > > `---------------------------------------------------------------------'
> > > > >
> > > > > Besides, including <std_ice_cubes.h> is a fatal error on machines that
> > > > > don't have it yet. Bad language design, there... :-)
> > > > > -- Larry Wall in <1991Aug22.220929.6857 at netlabs.com>
> > > > > (35)
> > > > >
> > >
> > > --
> > > .Jonathan J. Miner------------------Division of Information Technology.
> > > |miner at doit.wisc.edu University Of Wisconsin - Madison|
> > > |608/262.9655 Room 3149 Computer Science|
> > > `---------------------------------------------------------------------'
> > >
> > > I'd make people say 'use Fork;' if I thought I could get away with it.
> > > -- Larry Wall in <199806232054.NAA01735 at wall.org>
> > > (259)
> > >
>
> --
> .Jonathan J. Miner------------------Division of Information Technology.
> |miner at doit.wisc.edu University Of Wisconsin - Madison|
> |608/262.9655 Room 3149 Computer Science|
> `---------------------------------------------------------------------'
>
> Kent: Well, what do you say to the accusation that your group has
> been causing more crimes than it's been preventing?
> Homer: Oh, Kent, I'd be lying if I said my men weren't committing
> crimes.
> Homer the Vigilante
> (457)
>
More information about the pubcookie-users
mailing list