[32956] in Kerberos
ssh to IP literal
daemon@ATHENA.MIT.EDU (Victor Sudakov)
Mon Dec 13 00:17:23 2010
From: Victor Sudakov <vas@mpeks.no-spam-here.tomsk.su>
Date: Mon, 13 Dec 2010 03:20:08 +0000 (UTC)
Message-ID: <ie43d8$2jsg$1@relay.tomsk.ru>
X-Complaints-To: noc@sibptus.tomsk.ru
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Colleagues,
Is it a bad thing to use IP literals as Kerberos principals?
However, I am curious. When I try to "ssh user@10.14.134.5", a very
strange ticket is being requested from the KDC:
2010-12-13T09:14:15 TGS-REQ sudakov@SIBPTUS.TOMSK.RU from IPv4:10.14.134.125 for krbtgt/14.134.5@SIBPTUS.TOMSK.RU
2010-12-13T09:14:15 Server not found in database: krbtgt/14.134.5@SIBPTUS.TOMSK.RU: No such entry in the database
2010-12-13T09:14:15 Failed building TGS-REP to IPv4:10.14.134.125
What exactly is "krbtgt/14.134.5" ? Why only the last 3 octets of the
address?
The implementation is Heimdal 1.1.0 from the FreeBSD base system.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49@fidonet http://vas.tomsk.ru/
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
