[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: problem: default realm in openssh

To: Johan Danielsson <joda@pdc.kth.se>
Subject: Re: problem: default realm in openssh
From: David Komanek <xdavid@lib-eth.natur.cuni.cz>
Date: Mon, 24 Nov 2003 12:42:43 +0100 (CET)
cc: heimdal-discuss@sics.se
In-Reply-To: <xofhe0usxsy.fsf@blubb.pdc.kth.se>
References: <3FB3D29A.2040202@alcatel.com> <amn0azkjb5.fsf@nutcracker.stacken.kth.se><Pine.OSF.4.51.0311181821060.252694@tao.natur.cuni.cz> <xofy8ucvdba.fsf@blubb.pdc.kth.se><Pine.OSF.4.51.0311191314520.384034@tao.natur.cuni.cz><Pine.OSF.4.58.0311231716200.171279@lib-eth.natur.cuni.cz><xofhe0usxsy.fsf@blubb.pdc.kth.se>
Sender: owner-heimdal-discuss@sics.se


The test program recognizes the realm corretly:

# ./hostname_test pteryx
pteryx: hostname pteryx.natur.cuni.cz, realms NATUR.CUNI.CZ
# ./hostname_test tao
tao: hostname tao.natur.cuni.cz, realms NATUR.CUNI.CZ

The same output on both "working" and "bad" machines.

I also checked /etc/resolv.conf if it contains domain statement and it is
o.k., too.

Here is more description to my situation:

machine A: running kdc and kadmind, kinit works, kadmin works
machine B: client only, kinit works, kadmin works
ssh from A to A with ticket: works
ssh from A to B with ticket: "unable to find realm of host B"
ssh from B to B with ticket: "unable to find realm of host B"
ssh from B to A with ticket: works only if I use the FQDN as target,
                             with short name "unable to find realm of host A"

Does it make any sense ?

David


On Sun, 23 Nov 2003, Johan Danielsson wrote:

> David Komanek <xdavid@lib-eth.natur.cuni.cz> writes:
>
> > unable to find realm of host prfdec
>
> The hostname passed to krb5_get_host_realm should be fully qualified,
> so something is obviously wrong.
>
> What does this program output?
>
> /Johan

Follow-Ups:
- Re: problem: default realm in openssh
  - From: joda@pdc.kth.se (Johan Danielsson)

References:
- how to forward tickets
  - From: Sujeevan Rasaratnam <sujeevan.rasaratnam@alcatel.com>
- Re: how to forward tickets
  - From: Love <lha@stacken.kth.se>
- krb4 ticket not accepted
  - From: Martin MOKREJŠ <mmokrejs@natur.cuni.cz>
- Re: krb4 ticket not accepted
  - From: joda@pdc.kth.se (Johan Danielsson)
- Re: krb4 ticket not accepted
  - From: Martin MOKREJŠ <mmokrejs@natur.cuni.cz>
- problem: default realm in openssh
  - From: David Komanek <xdavid@lib-eth.natur.cuni.cz>
- Re: problem: default realm in openssh
  - From: joda@pdc.kth.se (Johan Danielsson)

Prev by Date: Re: Switching to sub searches for hdb-ldap.c
Next by Date: Re: Switching to sub searches for hdb-ldap.c
Prev by thread: Re: problem: default realm in openssh
Next by thread: Re: problem: default realm in openssh
Index(es):
- Date
- Thread