RPC Authentication error

Question

Last week I was using RPC and could run my RPC server program just fine. However, today I tried to start it again and I am getting this error:

Cannot register service: RPC: Authentication error; why = Client credential too weak unable to register (X_PROG, X_VERS, udp)

Can anybody tell me what the cause of this error can be?

rpcinfo gives me this:

   program version netid     address                service    owner
    100000    4    tcp6      ::.0.111               portmapper superuser
    100000    3    tcp6      ::.0.111               portmapper superuser
    100000    4    udp6      ::.0.111               portmapper superuser
    100000    3    udp6      ::.0.111               portmapper superuser
    100000    4    tcp       0.0.0.0.0.111          portmapper superuser
    100000    3    tcp       0.0.0.0.0.111          portmapper superuser
    100000    2    tcp       0.0.0.0.0.111          portmapper superuser
    100000    4    udp       0.0.0.0.0.111          portmapper superuser
    100000    3    udp       0.0.0.0.0.111          portmapper superuser
    100000    2    udp       0.0.0.0.0.111          portmapper superuser
    100000    4    local     /run/rpcbind.sock      portmapper superuser
    100000    3    local     /run/rpcbind.sock      portmapper superuser

The weird thing is that I haven't even been using this pc the past week. Are there any services that should be running?

Hope you can help me out. Grtz Stefan

Answer 1

Yet Another Solution: CentOS 7.3 edition

In addition to rpcbind, I also had to allow mountd in /etc/hosts.allow:

rpcbind : ALL : allow
mountd : ALL : allow

This finally allowed me to not only execute rpcinfo, but showmount and mount as well.

Answer 2

this error is linked to rpcbind,so you should stop service portmap like this:

sudo -i service portmap stop

then

sudo -i rpcbind -i -w

at end start service portmap:

sudo -i service portmap start

Answer 3

I realize this is an older thread, but Google finds it among the top 3 results and people are still discovering the nfs service error. Even Red Hat's RHN's fix didn't work.

As of December 2013 on a RHEL 6.4 (x64), and patched as of November 2013, the only solution was changing the permissions on the tcp_wrapper config files. Because we had secured the box pretty heavily, we had permissions of 640 on /etc/hosts.allow and /etc/hosts.deny, both owned by root:root. We did try given these files different group ownership nothing corrected the issue when nfs started.

Once we put the perms back to "out-of-the-box" (644) the nfs (rquotad) service started up as expected. Or if we moved the hosts.allow/deny out of the way entirely.

What a pain that was to figure out. The selinux logs may have helped if I had looked sooner.

Now if we had left selinux in enforcing mode this MAY have not been an issue. I still have to test that theory.

Good luck.

Answer 4

Making the change persistent on Ubuntu12.04 (assuming security implications of running rpcbind with -i are irrelevant):

echo 'OPTIONS="-w -i"' | sudo tee /etc/default/rpcbind
sudo service portmap restart