Kerberos Error on gss-client/server sample
Hi, I am currently in the stage of preparing a sample scenario for demonstrating MIT Kerberos capabilities on Linux (SuSE Linux V7.0). The sample scenario includes the demonstration of the connection and access of a client to a kerberized server. In regards to this I have a problem concerning the usage of the simple gss-server and gss-client contained in MIT Kerberos V5 Release 1.2. Problem description Executing gss-server with "sample" as service name on a dedicated system "lxserver.foo.bar.com" (in my sample scenario this box is also the KDC) succeeds without a problem. Executing gss-client on a second system "lxclient.foo.bar.com" fails with the following error: GSS-API: Server not found in Kerberos database. Despite that error message, the service principle (sample/lxserver.foo.bar.com@FOO.BAR.COM) for the server is definitely included in the Kerberos database. Executing the gss-client on the same box as the gss-server succeeds without any problem and verifying the ticket issued by the KDC shows that a session ticket for the sample server has been issued. DNS is in place and both systems are able to resolve the respective host names and via reverse look up the respective IP Addresses. Even more interestingly is the fact, that the sclient and sserver sample do run without an error report while distributed on two systems. Any help or hint would be highly appreciated. Thx, Michael
participants (1)
-
Michael Kehm