Post-installation rlogin error

Mike Friedman mikef at ack.Berkeley.EDU
Fri Sep 27 12:34:41 EDT 2002

On Fri Sep 27 08:13:55 2002, Breeze Howard said:

> But this error is found in the /var/log/krb5kdc.log
> ----------------------------------------------------------------------------
> Sep 27 10:11:42 citest krb5kdc[22017](info): TGS_REQ (1 etypes {1})
> UNKNOWN_SERVER: authtime 1033135885,
> bhoward at TEST.ACNS.FSU.EDU for host/citest at TEST.ACNS.FSU.EDU, Server not
> found in Kerberos database
> ----------------------------------------------------------------------------


Notice that the KDC thinks the server principal is 'host/citest', not
'host/'.  Your Solaris system's /etc/host probably
has the 'short' hostname as the default.  The Kerberos libraries do
a gethostbyname(gethostbyaddr()) of the IP address of the server host
to figure out the host service principal name.  You'd have to change
/etc/host so that the default hostname is the FQDN of the host.  (Or
else register the host principal using the short form of the hostname,
which is probably not a good idea, since there might at some later time
be another host in your domain whose first portion is also 'citest').


Mike Friedman                             System and Network Security
mikef at ack.Berkeley.EDU                    2484 Shattuck Avenue
1-510-642-1410                            University of California at Berkeley

More information about the Kerberos mailing list