Kerberos auth based on ticket

Simo Sorce ssorce at redhat.com
Tue Dec 16 08:36:07 EST 2008


On Tue, 2008-12-16 at 04:48 -0700, Mathew Rowley wrote:
> Looks like my problem is ‘Server not found in Kerberos database’.  So I am
> assuming that I need the server in the kerberos database as well as the
> user... Is that done just like adding a principal?
> 
> Sorry, very new to this.

Matthwew, yes, as the freeipa.org (or the Red Hat docs) say you have to
create a principal for the target machine and obtain a keytab for it.

http://freeipa.org/page/ConfiguringRhelClients#Configuring_Client_SSH_Access

The 2 commands to use here are: ipa-addservice and ipa-getkeytab,
given these are custom commands that work only in an ipa context I
suggest you jump on the freeipa-users mailing list if you like.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York




More information about the Kerberos mailing list