[133] in athena10
Kerberos authentication for username.mail.mit.edu
daemon@ATHENA.MIT.EDU (Timothy G Abbott)
Fri Mar 21 18:44:39 2008
Date: Fri, 21 Mar 2008 18:43:55 -0400 (EDT)
From: Timothy G Abbott <tabbott@MIT.EDU>
To: network@mit.edu
cc: athena10@mit.edu
Message-ID: <Pine.LNX.4.64L.0803191458050.4000@vinegar-pot.mit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
I'm interested in moving the (al)pine installations in Debathena (and in
the future, Athena 10) from using Hesiod to lookup the user's po server to
using the username.mail.mit.edu hostnames. However, username.mail.mit.edu
is a CNAME to poNN.mail.mit.edu (rather than poNN.mit.edu), while the po
servers only have Kerberos keytabs for imap/poNN.mit.edu. Thus, Kerberos
authentication does not work with the username.mail.mit.edu hostnames.
It would be great if the username.mail.mit.edu hostnames worked with
Kerberos authentication (I think this could be done by either giving the
poNN servers imap/poNN.mail.mit.edu credentials in their keytabs or by
moving the CNAMEs to point to poNN.mit.edu).
-Tim Abbott
