Ernesto Alfonso:
Now my problem is still understanding why `bos listkeys` now succeeds but returns an empty set when asetkey does list 4 keys.
Because you deleted the wrong key. The AFS principal should be named "afs/<domain>@<REALM>". Just follow the instructions in https://docs.openafs.org/QuickStartUnix/HDRWQ50.html, under "Generating the Cell's Kerberos V5 Keys", but replace "/usr/afs/etc" with "/etc/openafs/server", which is used on Debian/Ubuntu, and you should be all set.
Also note that if you setup multiple servers, you only need to do the kadmin part once, and copy the resulting rxkad.keytab (and probably KeyFileExt) to all servers, since the kvno needs to be the same on all servers, but exporting the key increases it.
HTH... Dirk -- Dirk Heinrichs <[email protected]> Matrix-Adresse: @heini:chat.altum.de GPG Public Key: 80F1540E03A3968F3D79C382853C32C427B48049 Privacy Handbuch: https://www.privacy-handbuch.de
OpenPGP_signature.asc
Description: OpenPGP digital signature
