[31627] in Kerberos
Re: Server not found in Kerberos database
daemon@ATHENA.MIT.EDU (Douglas E. Engert)
Thu Oct 29 11:11:41 2009
Message-ID: <4AE9B08A.8050604@anl.gov>
Date: Thu, 29 Oct 2009 10:11:06 -0500
From: "Douglas E. Engert" <deengert@anl.gov>
MIME-Version: 1.0
To: jim_bob <romanbo@gmail.com>
In-Reply-To: <97e74288-2909-490d-9386-ae8efd896850@r36g2000vbn.googlegroups.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
jim_bob wrote:
> On Oct 28, 4:57 pm, "Douglas E. Engert" <deeng...@anl.gov> wrote:
>> jim_bob wrote:
>>> Hello, I am trying to get ssh single sign on working with kerberos but
>>> it keeps failing with "server not found in Kerberos database" the
>>> optput of ssh -vvv:
>> Have you added the host/krb1.testsetup....@TESTSETUP.COM principal
>> to the KDC, and created the matching krb5.keytab file on krb1.testsetup.com?
>>
>
> Yes, the host/krb1 pric and krb5.keytab file are present.
Kerberos wants FQDN for host principals. Are they using the FQDN?
The ssh says it could not find the name in the database.
Wireshark or some other network tool can be very helpful too.
It can parse the Kerberos packets for you.
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
