To get the realm for a host, the code tries like this:

_kerberos.host.x.y.top TXT
_kerberos.x.y.top TXT
_kerberos.y.top TXT
_kerberos.top TXT

Example from habanero (my black box):

$ dig +short _kerberos.habanero.pdc.kth.se txt

nope :(

$ dig +short _kerberos.pdc.kth.se txt
"NADA.KTH.SE"

yes :)

Then to find the KDC:

$ dig +short _kerberos._udp.NADA.KTH.SE srv
0 0 88 kdc0.nada.kth.se.
1 0 88 houting.pdc.kth.se.
2 0 88 kinilaw.pdc.kth.se.

and if there is no contact by UDP, then maybe even

$ dig +short _kerberos._tcp.NADA.KTH.SE srv
2 0 88 kinilaw.pdc.kth.se.
0 0 88 kdc0.nada.kth.se.
1 0 88 houting.pdc.kth.se.

Harald.

Reply via email to