psql: duplicate GSS authentication request

Question

What does it mean by saying 'duplicate' ? How to troubleshoot this?

guest@www:~$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: user/admin@SOHONET

Valid starting       Expires              Service principal
12/11/2015 07:37:08  12/11/2015 17:37:08  krbtgt/SOHONET@SOHONET
        renew until 12/12/2015 07:37:05
12/11/2015 07:37:10  12/11/2015 17:37:08  postgres/pghost.sohonet@
        renew until 12/12/2015 07:37:05
12/11/2015 07:37:10  12/11/2015 17:37:08  postgres/pghost.sohonet@SOHONET
        renew until 12/12/2015 07:37:05
guest@www:~$ VERBOSITY=verbose psql -h pghost -d sqlpocket postgres/pghost.sohonet@SOHONET -l
psql: duplicate GSS authentication request
guest@www:~$


2015-12-11 09:03:22 UTC FATAL:  XX000: accepting GSS security context failed
2015-12-11 09:03:22 UTC DETAIL:  Unspecified GSS failure.  Minor code may provide more information: Permission denied
2015-12-11 09:03:22 UTC LOCATION:  pg_GSS_error, auth.c:988
2015-12-11 09:03:22 UTC FATAL:  28000: GSSAPI authentication failed for user "postgres/pghost.sohonet@SOHONET"
2015-12-11 09:03:22 UTC LOCATION:  auth_failed, auth.c:302

score 0 · Answer 1 · answered Jan 24 '16 at 23:53

I have seen this error when the server side user does not match the user I am trying to log in as. In your case you are trying to log in as postgres/pghost.sohonet@SOHONET while your TGT is for user/admin@SOHONET.

postgres/pghost.sohonet is the service principal, it is not the user you should authenticate as. Try logging in as user/admin instead, and make sure the user or an appropriate mapping exists on the server side.

psql: duplicate GSS authentication request

1 Answers1