[Samba] signing_good: BAD SIG: seq 1 & SMB Signature
verification failed on incoming packet!
Andrew Bartlett
abartlet at samba.org
Fri Jan 14 02:44:29 GMT 2005
On Fri, 2005-01-14 at 09:46 +1100, Tyler Retzlaff wrote:
> When winbind is started I get the following log messages:
>
> signing_good: BAD SIG: seq 1
> SMB Signature verification failed on incoming packet!
>
> After extensive googling the only reference I find is that my kerberos might
> be too old. (using krb 1.2.4). Can someone confirm is this a bug in kerberos
> or a bug in samba. If the later is there a workaround or do I have to
> upgrade to new kerberos?
That is the best fix, but I think Samba 3.0.10 (the current security
release) also contains code to handle this (we get a minor detail about
padding a key wrong). If not, it should be in 3.0.11pre1.
> If an kerberos upgrade is necessary maybe someone knows where I can get a
> backport of kerberos 1.3 for debian woody?
I always say that you should run krb5 1.3, and I know people have tried,
and upgrading Kerberos always seems to be a dependency nightmare (at
least from the RH experience).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050114/2c24e6ae/attachment.bin
More information about the samba
mailing list