Re: Possible to use only IP addresses in MIT Kerberos (ie: disable DNS name resolution)?

Jeremy Hunt Mon, 28 Nov 2005 15:51:41 -0800

Including the following entry in the libdefaults section of krb5.conf
   dns_lookup_kdc = false
will probably work.

and if you don't want dns for the realm either, then add the followingentry as well:

   dns_lookup_realm = false


See /krb5/man/man5/krb5.conf.5 for details.


[EMAIL PROTECTED] wrote:

[safeTgram (optim1) receive status: NOT encrypted, NOT signed.]


Hi, I am investigating kerberizing of our application using
MIT Kerberos5.  Due to the nature of our application,
we cannot use DNS and must use host IP addresses
instead of hostnames during authentication.

However (I'm a Kerberos newbie), there doesn't seem
to be a way to disable name resolution.  For example,
I can't specify IP addresses for the KDC/kadmind
host in krb5.conf, it doesn't seem to work.

Has anybody had success in configuring only IP addresses
in MIT Kerberos5, or perhaps give me any tips?

Thanks, Richard

________________________________________________
Kerberos mailing list           [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos


________________________________________________
Kerberos mailing list           [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos

Re: Possible to use only IP addresses in MIT Kerberos (ie: disable DNS name resolution)?

Reply via email to