Let's say I have two KDCs, the primary/master and the slave (cannot edit database, password changing included), where the master is behind a firewall with NAT and the slave is on the external side. And I am storing the principals database in LDAP. Now, I would like to synchronize between master and slave. Now, usually that would mean redirecting ports 88 and 389 (doing TLS) and tricking the slave by creating an entry in /etc/hosts for the primary KDC.
Now, let's say I want to do the replication but using an SSH tunnel that is created at the primary KDC and goes straight to the secondary KDC. At first glance that sounds like a recipe for disaster, but is it doable?

________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
