I'm trying to kerborize my setup, and am fairly certain that I have the
"basics" done (after only 5 hours! I can't understand why *more* people
don't do this! argh). However, when I try to connect to my kdc from a
client machine, it doesn't work. I have the keytabs setup, but I think
I'm missing something (probably something obvious). The following is
from my logs when connecting via ssh from .0.2 to .0.1 (client to
server):
May 20 00:14:47 bishop krb5kdc[8989](info): TGS_REQ (3 etypes {16 1 3})
192.168.0.2(16416): UNKNOWN_SERVER: authtime 1053411007,
david@BISHOP.DHS.ORG for krbtgt/DHS.ORG@BISHOP.DHS.ORG, Server not found
in Kerberos database
Now, two things to note: bishop.dhs.org trebles as my server name *and*
my domain *and* (in uppercase, of course) my realm. Unfortunetly, that's
just the way it goes in this odd free-domain-name spaces. (For those of
you following my various posts, this is my personal setup, not my friends
or my "real" servers. Assuming this goes alright, they're next). Now,
why does it think that my client is coming in as DHS.ORG@BISHOP.DHS.ORG?
Where do I tell it that I want it to declare itself as
debian.bishop.dhs.org@BISHOP.DHS.ORG? Or, to save typing,
debian@BISHOP.DHS.ORG? I can't see, and it's frankly too late for me to
even be coherent (see the previous three paragraphs for proof!). Any
pointers greatly appreciated, but not responded to until morning....
And of course, any clarifying information available upon request.
David
Attachment:
pgpx_yXkDWMOE.pgp
Description: PGP signature