Server passing IP instead of FQDN to Kerberos (during SSH GSSAPI)
Mathew Rowley
mathew_rowley at cable.comcast.com
Thu Mar 12 10:31:02 EDT 2009
Yes, reverse lookup works correctly...
[root at rsa01 ~]# nslookup 10.252.152.78
Server: 10.252.152.70
Address: 10.252.152.70#53
78.152.252.10.in-addr.arpa name = kdc01.security.lab.comcast.net.
MAT
On 3/12/09 12:09 AM, "Thomas Mueller" <thomas at chaschperli.ch> wrote:
>
>
>> > When looking at the krb5kdc.log I see:
>> >
>> > Mar 11 22:59:09 kdc01.security.lab.comcast.net krb5kdc[17694](info):
>> > TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.252.152.78: UNKNOWN_SERVER:
>> > authtime 1236809289, red at COMCAST.NET for
>> > host/10.252.152.77 at COMCAST.NET, Server not found in Kerberos database
>> > krb5kdc: Interrupted system call - while selecting for network input(1)
>> >
>> > It seems like the box I am trying to ssh to is sending
>> > host/10.242.142.77©ö instead of what I expected
>> > host/rsa01.security.lab.comcast.net©ö. Does anyone have any idea why
>> > this would be happening? I have exact same configurations on RH5 boxes
>> > that will work properly and send host/FQDN... Thanks.
>
> reverse lookup of 10.252.152.78 on the host sending the ip address
> instead of the hostname shows the expected hostname?
>
> - Thomas
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
--
MAT
More information about the Kerberos
mailing list