[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: krb5 services override in krb5.conf?
Derrick J Brashear <firstname.lastname@example.org> writes:
> It would be nice if there were a way to override the use of getservbyname
> for kerberos ports in /etc/krb5.conf, maybe something like
> kerberos = 88/tcp 88/udp
> Problem is we have legacy software which expects to find an entry which is
> kerberos 750/udp
> in services, and if you remove it, they simply don't work. But... our krb5
> kdc isn't listening on 750, only on 88.
I would really prefer not to. Having krb5.conf act the same way as
/etc/services but with different syntax seems just... non-optimal. An
according to IANA, 'kerberos 88/udp' (and tcp) is the correct
a) What is the problem with your `legacy' software?
b) Could you make your kdc listen to 750?
c) How large a bribe are you offering?