ssh to IP literal

Victor Sudakov vas at mpeks.no-spam-here.tomsk.su
Thu Dec 30 00:43:23 EST 2010


Greg Hudson wrote:

[dd]

> > But earlier you said that DNS-canonicalization of the gethostname() is
> > used. If we have no DNS, who will canonicalize the hostname?

> That's shorthand because so many installations use DNS for hostname
> resolution.  Heimdal uses getaddrinfo() for its canonicalization step,
> and falls back to the raw hostname if that fails.

I have been able to successfully authenticate (OpenSSH,
gssapi-with-mic) to a host not present in the DNS, only in the "hosts"
NIS map. It works!! :)


-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/



More information about the Kerberos mailing list