[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

2 fqdn

To: heimdal-discuss@sics.se
Subject: 2 fqdn
From: Antoine Jacoutot <ajacoutot@lphp.org>
Date: Fri, 04 Nov 2005 14:03:56 +0100
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051026)

Hello...

I have a stupid question, really.
I have an OpenSSH server that has 2 interfaces. I authenticate to it 
with GSSAPI. This server runs an Heimdal KDC.
All is working fine except one little annoyance: on the DNS, this server
has 2 different fqdn that correspond to it's different interfaces.
ie: 192.168.1.1 --> server.domain01.com
     192.168.2.1 --> server.domain02.com

Now, on the server itself, of course I can only set one hostname which
is server.domain01.com.
Using GSSAPI I can only connect to this server using the address
server.domain01.com, if I use server.domain02.com I cannot authenticate
which seams logical since the fqdn is different.

What works:

$ kinit username 

username@DOMAIN's Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
$ ssh server.domain01.com

What does not work:

$ kinit username 

username@DOMAIN's Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
$ ssh server.domain02.com
Permission denied (gssapi-with-mic)

So, does anyone know if there's a way to use both hostnames and making
GSSAPI works ?
Thanks in advance.

Regards,

Antoine

Follow-Ups:
- Re: 2 fqdn
  - From: Michael B Allen <mba2000@ioplex.com>

Prev by Date: Re: hprop problem with krb4-db database
Next by Date: Re: 2 fqdn
Prev by thread: Re: Using Heimdal PKINIT with OpenSC-0.10.0 loading the key beforeloading the cert
Next by thread: Re: 2 fqdn
Index(es):
- Date
- Thread