Patch to ignore service principals when accepting connexions.
hartmans at painless-security.com
Wed Aug 25 21:33:07 EDT 2010
I definitely agree that the forward/reverse resolution creates issues
for acquire_cred. There's a kind of annoying Debian bug open on this
where the name you end up with depends on whether you have A records or
just AAAA records. Also, as you point out it is a source of failure.
So, I would like to express support for a configuration knob to ignore
the hostname and to look into what we can do about acceptor-side use of
More information about the krbdev