In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Michael Urban) wrote: ... > The problem comes when I attempt to do the same thing with the same > version of OpenSSH built with the same options on a Solaris machine. > In that case, the server logs a "Server not found in Kerberos database" > message and gives up. I have looked at all the obvious candidates > (wrong DNS entry, disagreement as to host name in /etc/hosts and > DNS, etc) and come up empty. > > Unfortunately, the log messages do not tell me _what_ principal it > was trying to find in krb5.keytab (I assume that this is where > the mismatch or missing entry is).
I would expect ssh to acquire a ticket for the remote host service. You can see your tickets with "klist", so that will give you one side of the story. Speaking of /etc/hosts, the host's own name as it comes out of its own /etc/hosts has to match the hosts name as it comes out of DNS. So the fully qualified name must be listed first, not second after the short name. Donn Cave, [EMAIL PROTECTED] ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
