[33007] in Kerberos
Re: ssh to IP literal
daemon@ATHENA.MIT.EDU (Victor Sudakov)
Fri Dec 31 14:44:22 2010
From: Victor Sudakov <vas@mpeks.no-spam-here.tomsk.su>
Date: Thu, 30 Dec 2010 05:43:23 +0000 (UTC)
Message-ID: <ifh65r$1q4d$1@relay.tomsk.ru>
X-Complaints-To: noc@sibptus.tomsk.ru
X-Comment-To: Greg Hudson <ghudson@MIT.EDU>
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Greg Hudson wrote:
[dd]
> > But earlier you said that DNS-canonicalization of the gethostname() is
> > used. If we have no DNS, who will canonicalize the hostname?
> That's shorthand because so many installations use DNS for hostname
> resolution. Heimdal uses getaddrinfo() for its canonicalization step,
> and falls back to the raw hostname if that fails.
I have been able to successfully authenticate (OpenSSH,
gssapi-with-mic) to a host not present in the DNS, only in the "hosts"
NIS map. It works!! :)
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49@fidonet http://vas.tomsk.ru/
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
