[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


I'm trying to kerborize my setup, and am fairly certain that I have the
"basics" done (after only 5 hours! I can't understand why *more* people
don't do this! argh).  However, when I try to connect to my kdc from a
client machine, it doesn't work.  I have the keytabs setup, but I think
I'm missing something (probably something obvious).  The following is
from my logs when connecting via ssh from .0.2 to .0.1 (client to

May 20 00:14:47 bishop krb5kdc[8989](info): TGS_REQ (3 etypes {16 1 3}) UNKNOWN_SERVER: authtime 1053411007,
david@BISHOP.DHS.ORG for krbtgt/DHS.ORG@BISHOP.DHS.ORG, Server not found
in Kerberos database

Now, two things to note: bishop.dhs.org trebles as my server name *and*
my domain *and* (in uppercase, of course) my realm.  Unfortunetly, that's 
just the way it goes in this odd free-domain-name spaces.  (For those of 
you following my various posts, this is my personal setup, not my friends 
or my "real" servers.  Assuming this goes alright, they're next).  Now, 
why does it think that my client is coming in as DHS.ORG@BISHOP.DHS.ORG?  
Where do I tell it that I want it to declare itself as
debian.bishop.dhs.org@BISHOP.DHS.ORG? Or, to save typing,
debian@BISHOP.DHS.ORG?  I can't see, and it's frankly too late for me to
even be coherent (see the previous three paragraphs for proof!).  Any
pointers greatly appreciated, but not responded to until morning....

And of course, any clarifying information available upon request.


Attachment: pgpTXK3_MUMya.pgp
Description: PGP signature

Reply to: