[454] in Kerberos
interrealm krbtgt's
daemon@TELECOM.MIT.EDU (qjb@ATHENA.MIT.EDU)
Sat Jul 23 00:04:45 1988
From: qjb@ATHENA.MIT.EDU
To: kerberos@ATHENA.MIT.EDU
Suppose I have the following /etc/krb.realms:
.MIT.EDU ATHENA.MIT.EDU
HOST2.MIT.EDU REALM2.MIT.EDU
My workstation is in realm ATHENA.MIT.EDU.
If I login or kinit qjb, I get a single ticket:
krbtgt.ATHENA.MIT.EDU@ATHENA.MIT.EDU
Even though REALM2.MIT.EDU and ATHENA.MIT.EDU allow each have the
appropriate keys for inter-realm mutual authentication (if this is the
correct terminology), I cannot
nfsid HOST2
Now, if I change kerberos ticket files and kinit qjb@REALM2.MIT.EDU,
I get a single ticket:
krbtgt.REALM2.MIT.EDU@REALM2.MIT.EDU
Now if I type "nfsid soup", I get an error. The only way I can
successfully get both commands to work simultaenously is to hand-edit
my kerberos ticket file and add the latter ticket to the first file
(or the other way around). If I do this and then type "nfsid HOST2",
I get both the rvdsrv.HOST2.MIT.EDU@REALM2.MIT.EDU ticket and the
krbtgt.REALM2.MIT.EDU@ATHENA.MIT.EDU that had to exist for this to
work in the first place. Is there a way that I can get both of these
tickets without hand-editing my ticket file?
