Possible to use only IP addresses in MIT Kerberos (ie: disable DNS name resolution)?
Brian Davidson
bdavids1 at gmu.edu
Thu Nov 24 12:16:00 EST 2005
My understanding is that the process for determining what service
principal to obtain for a server involves doing gethostbyaddr(
gethostbyname() ). That is, find the IP for the given host, and then
find the name associated with that IP. Then ask the KDC for a ticket
for host/name.
So, you don't have to use DNS, but you must have resolvable names.
Brian
On Nov 23, 2005, at 10:28 PM, Paul Vixie wrote:
> rchowneltura at hotmail.com writes:
>
>> Has anybody had success in configuring only IP addresses
>> in MIT Kerberos5, or perhaps give me any tips?
>
> when i had to deploy krb5 without dns, i had to distribute an
> /etc/hosts file.
> --
> Paul Vixie
More information about the Kerberos
mailing list