[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Segfault lurking in ktutil's krb5_principal_get_realm()?
On Jun 16, 2004, at 6:07 AM, Måns Nilsson KTHNOC wrote:
> --On Wednesday, June 09, 2004 11:58:48 +0200 Harald Barth
> <haba@pdc.kth.se>
> wrote:
>
>> Workaround2: Fix your reverse lookup:
>>
>> myhost# cat > /etc/hosts
>> #
>> # Internet host table
>> #
>> 127.0.0.1 localhost
>> 17.17.17.17 myhost.pdc.kth.se myhost loghost
>
> In my badly set up mess one floor down from you, one always must do
> that in
> order for login over telnet et. al. to work; ie. the server on which
> telnetd runs must have its FQDN *first* after the IP address on the
> /etc/hosts line.
>
> This is consistent for v4 and v6, and I do not know whether it is
> specific
> to my system or general.
It's in general. I think it's even in the Kerberos FAQ. Oracle will
tell you to do this as part of setting up Kerberos support for their
database.
The issue is really a naming convention:
gethostname(gethostbyname(hostname())) has to match on the client,
server, and the instance value of the service principal used. If
you've got a better way to guarantee that, no problem.
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu