RFC: Turning off reverse hostname resolution by default in 1.10

Greg Hudson ghudson at MIT.EDU
Thu Jul 7 08:47:03 EDT 2011


On Wed, 2011-07-06 at 20:08 -0400, Frank Cusack wrote:

> Yes, for "ssh host".  In our case, the canonicalization is done by the
> ssh client itself though, not by the krb5 library.  Now that I'm aware
> of the issue I plan to use KDC aliases instead.  Does current MIT
> support that?

In MIT krb5, it's supported in the LDAP KDB back end, but not in the BDB
one at this time.






More information about the Kerberos mailing list