Wallet/remctld: Wrong principal in request

Russ Allbery rra at stanford.edu
Fri Oct 26 22:47:33 EDT 2012


Andreas Ntaflos <daff at pseudoterminal.org> writes:

> But do I have to fear any negative consequences after adding more than
> one host principal to /etc/krb5.keytab? Will this break anything? Is it
> even "legal" to do?

Nope, that's perfectly fine.  That's fairly normal for this sort of load
balancer setup and will allow, say, GSS-API-authenticated ssh to work as
well (with the right sshd configuration).

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>


More information about the Kerberos mailing list