Wrong principal in request using virt interface
Christopher D. Clausen
cclausen at acm.org
Mon Jan 29 18:00:32 EST 2007
petesea at bigfoot.com wrote:
> On Mon, 29 Jan 2007, Christopher D. Clausen wrote:
>> petesea at bigfoot.com wrote:
>>
>>> I'm moving the server to a new cluster of RHE hosts that use virtual
>>> interfaces (eg. eth0:1) to allow for failover to a new host while
>>> still maintaining the original IP address. On this new system I'm
>>> getting the following error when I run sshd in debug (-ddd) mode:
>>>
>>> Wrong principal in request
>>>
>>> I have 2 IP addresses and 2 hostnames associated with the 2
>>> interfaces (one of them a virtual interface) on my workstation:
>>>
>>> interface hostname ip
>>> -----------------------------------------
>>> eth0 gort.home.org 192.168.0.2
>>> eth0:1 cvs.home.org 192.168.0.200
>>
>> Can you simply fail-over using the same IP on both interfaces? (I
>> believe there is a bonding module in Linux that can do this.)
>
> The point of the virt interface is so it can be moved to a different
> host. If the virt interface has the same IP as the real interface,
> then it couldn't be moved to another host. In other words, the
> "fail-over" is to fail over to a completely separate host, not a
> separate interface on the same host.
Sorry, I think I'm missing something... These are NOT Kerberos KDCs are
they?
You are trying to have a clustered service that uses Kerberos for SSH?
And can essentially be treated a multi-homed system?
Do you have proper A and PTR records for both names? What does your
/etc/hosts file look like? What does hostname -f return on your system?
<<CDC
More information about the Kerberos
mailing list