RPC R Can't authenticate (too weak)

From: Dan Robb (dan@tradegrp.com)
Date: Mon Dec 19 2005 - 16:45:23 EST

• Next message: Robert K: "NFS"
• Previous message: Chris Cameron: "Keeping tabs on network health"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Sunmanagers,

I have a i86pc NFS client that cannot mount (automount or otherwise) a
shared directory (/export/home) off my NFS server. The client (SunOS
nfsclient 5.10 Generic_118844-20 i86pc i386 i86pc) is set up the same as
the rest of my clients, which are working correctly. The client can
mount other shared directories off other NFS servers. The only
difference is that this client is dual-homed but the interfaces are
physical, not virtual.

nfsclient# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu
8232 index 1
        inet 127.0.0.1 netmask ff000000
e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.168.xx.xx netmask ffffff00 broadcast 192.168.xx.255
        ether 0:12:3f:20:9:30
e1000g1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        inet 172.20.xx.xx netmask ffffffe0 broadcast 172.20.xx.xxx
        ether 0:12:3f:20:9:31

nfsclient's messages file is filled with permission denied messages:

Dec 19 15:25:24 nfsclient nfs: [ID 664466 kern.notice] NFS fsinfo failed
for server nfsserv: error 7 (RPC: Authentication error)
Dec 19 15:25:24 nfsclient automountd[331]: [ID 834250 daemon.error]
Mount of nfsserv:/export/home on /home/nfsserv: Permission denied

When I try to cd into /home/nfsserv, I get a "No such file or directory"
message.

When I try and mount nfsserv:/export/home directly to /mnt or cd to
/net/nfsserv/export I get Permission denied.

My nfs server (SunOS nfsserv 5.8 Generic-108528-24 sun4u sparc SUNW,
Ultra-250) isn't complaining except for the following snoop output I
collected when trying to mount /export/home on the client:

# snoop nfsserv
Using device /dev/e1000g (promiscuous mode)
        nfsclient -> nfsserv TCP D=2049 S=32862 Syn
Seq=4244347003 Len=0 Win=49640 Options=<mss 1460,nop,wscale
0,nop,nop,sackOK>
        nfsserv -> nfsclient TCP D=32862 S=2049 Syn
Ack=4244347004 Seq=1414823132 Len=0 Win=24820 Options=<nop,wscale
0,nop,nop,sackOK,mss 1460>
        nfsclient -> nfsserv TCP D=2049 S=32862 Ack=1414823133
Seq=4244347004 Len=0 Win=49640
        nfsclient -> nfsserv NFS C NULL4
        nfsserv -> nfsclient TCP D=32862 S=2049 Ack=4244347048
Seq=1414823133 Len=0 Win=24776
        nfsserv -> nfsclient RPC R (#4) XID=1134732813 Program
number mismatch (low=2, high=3)
        nfsclient -> nfsserv TCP D=2049 S=32862 Ack=1414823169
Seq=4244347048 Len=0 Win=49640
        nfsclient -> nfsserv TCP D=2049 S=32862 Fin
Ack=1414823169 Seq=4244347048 Len=0 Win=49640
        nfsserv -> nfsclient TCP D=32862 S=2049 Ack=4244347049
Seq=1414823169 Len=0 Win=24820
        nfsserv -> nfsclient TCP D=32862 S=2049 Fin
Ack=4244347049 Seq=1414823169 Len=0 Win=24820
        nfsclient -> nfsserv TCP D=2049 S=32862 Ack=1414823170
Seq=4244347049 Len=0 Win=49640
        nfsclient -> nfsserv PORTMAP C GETPORT prog=100003 (NFS)
vers=3 proto=UDP
        nfsserv -> nfsclient PORTMAP R GETPORT port=2049
        nfsclient -> nfsserv NFS C NULL3
        nfsserv -> nfsclient NFS R NULL3
        nfsclient -> nfsserv PORTMAP C GETPORT prog=100005
(MOUNT) vers=3 proto=UDP
        nfsserv -> nfsclient PORTMAP R GETPORT port=32949
        nfsclient -> nfsserv MOUNT3 C Null
        nfsserv -> nfsclient MOUNT3 R Null
        nfsclient -> nfsserv MOUNT3 C Mount /export/home
        nfsserv -> nfsclient MOUNT3 R Mount OK FH=BDD6 Auth=unix
        nfsclient -> nfsserv PORTMAP C GETPORT prog=100003 (NFS)
vers=3 proto=TCP
        nfsserv -> nfsclient PORTMAP R GETPORT port=2049
        nfsclient -> nfsserv NFS C FSINFO3 FH=BDD6
        nfsserv -> nfsclient RPC R (#24) XID=3121418445 Can't
authenticate (too weak)
        nfsclient -> nfsserv PORTMAP C GETPORT prog=100005
(MOUNT) vers=3 proto=UDP
        nfsserv -> nfsclient PORTMAP R GETPORT port=32949
        nfsclient -> nfsserv MOUNT3 C Null
        nfsserv -> nfsclient MOUNT3 R Null
        nfsclient -> nfsserv MOUNT3 C Mount /export/home
        nfsserv -> nfsclient MOUNT3 R Mount OK FH=BDD6 Auth=unix
        nfsclient -> nfsserv PORTMAP C GETPORT prog=100003 (NFS)
vers=3 proto=TCP
        nfsserv -> nfsclient PORTMAP R GETPORT port=2049
        nfsclient -> nfsserv TCP D=2049 S=1002 Ack=1402440512
Seq=4232811440 Len=0 Win=49640
        nfsclient -> nfsserv NFS C FSINFO3 FH=BDD6
        nfsserv -> nfsclient RPC R (#35) XID=3171750093 Can't
authenticate (too weak)

Any insight the list has would be greatly appreciated. I will
summarize. TIA.

-- 
___
_____
________
Daniel P. Robb
TradeGroup
205 N. Michigan Ave.
Suite 1600
Chicago, IL 60601
dan@tradegrp.com
(312) 729-0763 direct
(312) 729-0750 main
(312) 861-0789 fax
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Robert K: "NFS"
• Previous message: Chris Cameron: "Keeping tabs on network health"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:37:55 EDT