[2107] in Kerberos-V5-bugs
Re: Canonical host names in a NIS/DNS network
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Jul 22 20:12:01 1996
To: slack@cc.utah.edu
Cc: krb5-bugs@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 22 Jul 1996 20:11:53 -0400
In-Reply-To: David Slack's message of Thu, 11 Jul 1996 11:24:36 -0600
Arguably, using NIS for name services is not the best
approach, and now is as good of a time as any to use DNS for for your
name location information. However, you probably want to do this.
The second solution is to change the host names in your NIS
hosts map to look like the following:
123.456.789.101 host.subdomain.domain.edu host
This will give you the fully qualified domain for the host
through NIS or DNS. It is reasonable to argue that any configuration
of Internet-connected hosts where gethostbyaddr(3) returns something
that is not a FQDN is broken.
Finally, I think you can implement your third approach by
reading several srvtabs into the ktutil program and writing out a
srvtab that contains all the keys.
--Sam
