Jeremy Hunt <[email protected]> writes: > Hi Mauricio, > > Doug is right, I misread your request, my apologies. > > Googling kerberos, nat and ssh gives many responses all saying that the > only way to do this is to use tickets with no address in them. You can > do this by using the kinit command with either the -n, -a or -A switch.
Modern releases of krb5 default to getting tickets with no addresses. Addresses in tickets don't really have anything to do with using reverse DNS to canonicalize hostnames in principal names. Mismatched addresses in the ticket wouldn't produce the described symptoms, anyway. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
