Server passing IP instead of FQDN to Kerberos (during SSH GSSAPI)
Thomas Mueller
thomas at chaschperli.ch
Thu Mar 12 02:09:44 EDT 2009
> When looking at the krb5kdc.log I see:
>
> Mar 11 22:59:09 kdc01.security.lab.comcast.net krb5kdc[17694](info):
> TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.252.152.78: UNKNOWN_SERVER:
> authtime 1236809289, red at COMCAST.NET for
> host/10.252.152.77 at COMCAST.NET, Server not found in Kerberos database
> krb5kdc: Interrupted system call - while selecting for network input(1)
>
> It seems like the box I am trying to ssh to is sending
> Œhost/10.242.142.77¹ instead of what I expected
> Œhost/rsa01.security.lab.comcast.net¹. Does anyone have any idea why
> this would be happening? I have exact same configurations on RH5 boxes
> that will work properly and send host/FQDN... Thanks.
reverse lookup of 10.252.152.78 on the host sending the ip address
instead of the hostname shows the expected hostname?
- Thomas
More information about the Kerberos
mailing list