Post-installation rlogin error
Mike Friedman
mikef at ack.Berkeley.EDU
Fri Sep 27 12:34:41 EDT 2002
On Fri Sep 27 08:13:55 2002, Breeze Howard said:
> But this error is found in the /var/log/krb5kdc.log
> ----------------------------------------------------------------------------
> Sep 27 10:11:42 citest krb5kdc[22017](info): TGS_REQ (1 etypes {1})
> 128.186.6.13(88): UNKNOWN_SERVER: authtime 1033135885,
> bhoward at TEST.ACNS.FSU.EDU for host/citest at TEST.ACNS.FSU.EDU, Server not
> found in Kerberos database
> ----------------------------------------------------------------------------
Breeze,
Notice that the KDC thinks the server principal is 'host/citest', not
'host/citest.acns.fsu.edu'. Your Solaris system's /etc/host probably
has the 'short' hostname as the default. The Kerberos libraries do
a gethostbyname(gethostbyaddr()) of the IP address of the server host
to figure out the host service principal name. You'd have to change
/etc/host so that the default hostname is the FQDN of the host. (Or
else register the host principal using the short form of the hostname,
which is probably not a good idea, since there might at some later time
be another host in your domain whose first portion is also 'citest').
Mike
------------------------------------------------------------------------------
Mike Friedman System and Network Security
mikef at ack.Berkeley.EDU 2484 Shattuck Avenue
1-510-642-1410 University of California at Berkeley
http://ack.Berkeley.EDU/~mikef http://security.berkeley.edu
------------------------------------------------------------------------------
More information about the Kerberos
mailing list