I'm trying to kerborize my setup, and am fairly certain that I have the "basics" done (after only 5 hours! I can't understand why *more* people don't do this! argh). However, when I try to connect to my kdc from a client machine, it doesn't work. I have the keytabs setup, but I think I'm missing something (probably something obvious). The following is from my logs when connecting via ssh from .0.2 to .0.1 (client to server):
May 20 00:14:47 bishop krb5kdc[8989](info): TGS_REQ (3 etypes {16 1 3})
192.168.0.2(16416): UNKNOWN_SERVER: authtime 1053411007,
[EMAIL PROTECTED] for krbtgt/[EMAIL PROTECTED], Server not found
in Kerberos database
Now, two things to note: bishop.dhs.org trebles as my server name *and*
my domain *and* (in uppercase, of course) my realm. Unfortunetly, that's
just the way it goes in this odd free-domain-name spaces. (For those of
you following my various posts, this is my personal setup, not my friends
or my "real" servers. Assuming this goes alright, they're next). Now,
why does it think that my client is coming in as [EMAIL PROTECTED]
Where do I tell it that I want it to declare itself as
[EMAIL PROTECTED] Or, to save typing,
[EMAIL PROTECTED] I can't see, and it's frankly too late for me to
even be coherent (see the previous three paragraphs for proof!). Any
pointers greatly appreciated, but not responded to until morning....
And of course, any clarifying information available upon request.
David
pgpZ2pEME6pmq.pgp
Description: PGP signature
