[HCoop-Help] Kerberos & ssh not working
Adam Chlipala
adamc at hcoop.net
Tue Jun 17 13:06:02 EDT 2008
Adam Megacz wrote:
> Vesa Kaihlavirta <vegai at hcoop.net> writes:
>
>> ssh.hcoop.net is the server I should be connecting to, isn't it?
>>
>
> No, you need to use mire.hcoop.net for passwordless login.
>
> Kerberos has a mechanism which is very similar to the way HTTPS
> verifies that the hostname you're trying to connect to matches the
> server's certificate. In this case, mire's "certificate" (actually a
> keytab) is for mire.hcoop.net, not ssh.hcoop.net.
>
That's too bad. We don't want to ask members to remember which machines
go with which services, but we also don't want to name a machine "ssh"
for Kerberos purposes. Any suggestions on how to handle this?
More information about the HCoop-Help
mailing list