RFC: Turning off reverse hostname resolution by default in 1.10
Greg Hudson
ghudson at MIT.EDU
Thu Jul 7 08:47:03 EDT 2011
On Wed, 2011-07-06 at 20:08 -0400, Frank Cusack wrote:
> Yes, for "ssh host". In our case, the canonicalization is done by the
> ssh client itself though, not by the krb5 library. Now that I'm aware
> of the issue I plan to use KDC aliases instead. Does current MIT
> support that?
In MIT krb5, it's supported in the LDAP KDB back end, but not in the BDB
one at this time.
More information about the Kerberos
mailing list