On Tue, 03 Jul 2007 03:39:51 +0000 "Douglas Maus" <[EMAIL PROTECTED]> wrote:
> Could someone help me understand IP addresses, DNS, and > Kerberos on OpenBSD? > > I was getting "incorrect net address" when trying to kinit, > and I found that switching 2 lines in /etc/hosts > putting first > 10.0.1.201 auth.my.realm auth > before > ::1 auth.my.realm auth > fixed this, but I don't understand this and I suspect this means > I'm doing something else wrong. When kinit asks for a ticket i encodes the hosts address in the request. The KDC then compares the encoded address with the address in the IP-header and if they don't match you'll get this error. > I started the kdc: # /usr/libexec/kdc & > > but when I tried > # kinit admin > or > # kinit admin --no-address > I got "incorrect net address" Options goes before the pricipal, i.e. # kinit --no-addresses admin There are some configuration options that affects this as well; search krb5.conf(5) -- Bjvrn Sandell Chalmers University of Technology IT Services www.chalmers.se/its +46 (0)31 772 1000 No one ever says, 'I can't read that ASCII E-mail you sent me.'