Danny Mayer wrote: > > > > If a server is known by several names in DNS, how can I make GSSAPI > > authentication work with all those names? > >
> What's the real question? Here is the real question. I have created a principal for each of the several names, and placed these principals' keys into the destination server's keytab. However when I try to ssh into this server, GSSAPI auth works only for one of these names, actually the name which is equal to the server's `hostname`. I can even choose which name will work, by changing the server's `hostname`. But only one name at a time will work. > This is about the PTR records? I really do not know why the above setup does not work as I expect. If the matter is really about PTR records, please elaborate. I have never known that Kerberos uses PTR records in any way. The system is FreeBSD 6.2 with stock Kerberos and ssh. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/[EMAIL PROTECTED] http://vas.tomsk.ru/ ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
