KDC does not accept requests through loopback interface
Jeffrey Hutzelman
jhutz at cmu.edu
Tue Feb 28 16:54:11 EST 2006
On Wednesday, February 22, 2006 04:08:33 PM -0800 Russ Allbery
<rra at stanford.edu> wrote:
> avillarrealpouw <avillarrealpouw at netscape.net> writes:
>
>> I have been testing the Fedora distribution of Kerberos and tripped on a
>> problem: after upgrading from Fedora core 3 to Fedora core 4 in my KDC
>> the KDC stopped receiving requests for tickets through the loopback
>> interface.
>
>> This means that I cannot run "kinit" or "kadmin" from the KDC,
>
> Why? Why don't kinit and kadmin use the same IP address as any other
> client when run from the KDC?
Presumably the krb5.conf names the KDC's by name, and on the KDC host,
gethostbyname() of that name returns 127.0.0.1 due to the default RedHat
behavior of including an entry in /etc/hosts that maps the local hostname
to the loopback address.
More information about the Kerberos
mailing list