On Wed, May 22, 2002 at 01:42:54PM +0200, Marc wrote: > Well that's strange because I have one: > > bash-2.03# klist -k > Keytab name: FILE:/etc/krb5/krb5.keytab > KVNO Principal > ---- > -------------------------------------------------------------------------- > 1 host/hostname.domain.com@REALM
Is `hostname.domain.com' the same as the output of the hostname command? If I recall correctly, Simon's modifications indirectly use gethostname() to determine the server principal name to use. This is different than what most Kerberos network applications do (they typically use getsockname()). It matters if your machine has multiple interfaces, or if for any other reason your hostname is different than the name you give the client. i.e. client% ssh foo server% hostname bar foo and bar must match. I sent Simon some patches some time ago to (a) allow one to specify how to get the server name in the server (sshd) and (b) allow one to specify a different name to use at the client (ssh) to handle such cases, as well as tunneling and things of that nature where the network name does not match the server name. I can dig them up if you like. Cheers, -- Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos [EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED] ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
