Ssh trouble with forwarding
Matthijs Mohlmann
matthijs at active2.homelinux.org
Tue Sep 2 11:15:40 EDT 2003
On Tue, 2003-09-02 at 05:12, Donn Cave wrote:
> Quoth matthijs at active2.homelinux.org (Matthijs Mohlmann):
>
> | I have trouble with ssh en forwarding.
> ...
> | Now when i try to login to my ssh service with the following command:
> | matthijs at Server:~$ ssh -A -K active2.active2.homelinux.org
> | Password:
> |
> | I don't want that password prompt. My ticket is enough to authenticate
> | me.
> |
> | When i now do some debugging:
> | Active2:~# ssh -d -f /etc/ssh/sshd_config
> ...
> | 17612: debug1: Miscellaneous failure
> | 17612: debug1: No principal in keytab matches desired name
> |
> | What does this mean ? I have a
> | host/active2.active2.homelinux.org at ACTIVE2.HOMELINUX.ORG in my
> | /etc/krb5.keytab on the ssh-server. I have also a ssh service key in my
> | keytab (ssh/active2.active2.homelinux.org at ACTIVE2.HOMELINUX.ORG)
>
> However, the IP address associated with that name seems to be
> actually hosted at x4sall.nl, under another domain name. Your
> key unfortunately has to match that "canonical" domain name,
> rather than active2.active2. Or at any rate, you have to use
> whatever name the host uses for itself.
>
> Donn Cave, donn at drizzle.com
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
ey
Thanks for response
Sorry i haven't told to you
This is a testproject of me. I want to check the security if it is
portable to the internet and so on. I want to check the administration
on how much work it is. And i want to see if it is portable to OpenBSD,
FreeBSD, Linux (especially Debian GNU/Linux)
My server is a Debian GNU/Linux machine and my router a OpenBSD 3.4-beta
machine. On my server runs the KerberosV server.
I have my own dns-server for internal network. And my domain is
active2.homelinux.org. My computers are
<name>.active2.homelinux.org and all this names are in the dns. I have
checked what ip every computer is using and it sounds to me as oke
active2.active2.homelinux.org - 192.168.0.2
server.active2.homelinux.org - 192.168.0.7
router.active2.homelinux.org - 192.168.0.1
Thanks for replying.
More information about the Kerberos
mailing list