Password changing from behind a NAT

Ken Hornstein kenh at
Mon Oct 20 10:38:36 EDT 2003

I'm wondering if anyone has noticed that password changing fails from behind
a NAT?  This happens because the password changing protocol uses KRB_PRIV,
which requires a source address, which always ends up failing if you're
behind a NAT.

The only obvious solution I see is to make krb_rd_priv() ignore the source
address in a KRB_PRIV.  Code-wise, this is easy; I'm just wondering if anyone
has any suggestions on the best way to do this in terms of the API.


More information about the krbdev mailing list