SSH with Multiple Interfaces

Edward Murrell edward at dlconsulting.com
Thu Jan 18 17:55:15 EST 2007


Nicolas Williams wrote:
> Give your server host/f.q.d.n principals and keytab entries for all its
> interfaces' canonical names.
>   
Did that. SSH ignores them.
> And get a client that know how to decode the SSH_MSG_KEXGSS_ERROR
> message :)
>
> Nico
>   
That's really not an option. In most cases, the client will be bog
standard OpenSSH, and I don't have a snowballs chance in hell of
mandating client changes.



More information about the Kerberos mailing list