Misbehaving krb5 forwarding?
Sam Hartman
hartmans at MIT.EDU
Tue Mar 30 15:47:53 EST 2004
>>>>> "Adar" == Adar Dembo <adar at stanford.edu> writes:
Adar> I am behind a NAT network topology where one linux box
Adar> contains two network cards and serves as a firewall for the
Adar> other. The first (adar) has my real IP as well as 10.0.0.1,
Adar> while the second (adard) has 10.0.0.2. The first is
Adar> connected to the Internet via normal CAT5 Ethernet while the
Adar> second is connected via an Ethernet crossover cable to the
Adar> first.
Adar> For some reason, my kerberos 5 ticket forwarding is
Adar> misbehaving in conjunction with the MIT kerberos 1.2.8
Adar> klogind server (this server lacks any special patches to the
Adar> kerberos 5 handling). Here is some output from my machine
Adar> that exhibit the problem:
Upgrade to 1.3.2 or 1.3.3 (released soon) and use addressless tickets.
You should see better behavior in this case.
More information about the Kerberos
mailing list