ssh to IP literal

Victor Sudakov vas at mpeks.no-spam-here.tomsk.su
Sun Dec 12 22:20:08 EST 2010


Colleagues,

Is it a bad thing to use IP literals as Kerberos principals? 
However, I am curious. When I try to "ssh user at 10.14.134.5", a very
strange ticket is being requested from the KDC:

2010-12-13T09:14:15 TGS-REQ sudakov at SIBPTUS.TOMSK.RU from IPv4:10.14.134.125 for krbtgt/14.134.5 at SIBPTUS.TOMSK.RU
2010-12-13T09:14:15 Server not found in database: krbtgt/14.134.5 at SIBPTUS.TOMSK.RU: No such entry in the database
2010-12-13T09:14:15 Failed building TGS-REP to IPv4:10.14.134.125

What exactly is "krbtgt/14.134.5" ? Why only the last 3 octets of the
address?

The implementation is Heimdal 1.1.0 from the FreeBSD base system.

-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/



More information about the Kerberos mailing list