[30858] in Kerberos
Server passing IP instead of FQDN to Kerberos (during SSH GSSAPI)
daemon@ATHENA.MIT.EDU (Mathew Rowley)
Wed Mar 11 19:36:31 2009
Date: Wed, 11 Mar 2009 17:34:32 -0600
From: Mathew Rowley <mathew_rowley@cable.comcast.com>
To: "kerberos@mit.edu" <kerberos@mit.edu>
Message-ID: <C5DDA6A8.93B4%mathew_rowley@cable.comcast.com>
Mime-version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
When trying to ssh with a kerberos ticket (with GSSAPI enabled and working)
to a RH4 box, I get the following error from ssh:
...
debug1: Authentications that can continue:
publickey,gssapi-with-mic,password,keyboard-interactive
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Server not found in Kerberos database
debug1: Unspecified GSS failure. Minor code may provide more information
Server not found in Kerberos database
...
When looking at the krb5kdc.log I see:
Mar 11 22:59:09 kdc01.security.lab.comcast.net krb5kdc[17694](info): TGS_REQ
(7 etypes {18 17 16 23 1 3 2}) 10.252.152.78: UNKNOWN_SERVER: authtime
1236809289, red@COMCAST.NET for host/10.252.152.77@COMCAST.NET, Server not
found in Kerberos database
krb5kdc: Interrupted system call - while selecting for network input(1)
It seems like the box I am trying to ssh to is sending host/10.242.142.77¹
instead of what I expected host/rsa01.security.lab.comcast.net¹. Does
anyone have any idea why this would be happening? I have exact same
configurations on RH5 boxes that will work properly and send host/FQDN...
Thanks.
--
MAT
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
