[HCoop-Help] Kerberos & ssh not working

Adam Chlipala adamc at hcoop.net
Tue Jun 17 13:06:02 EDT 2008

Adam Megacz wrote:
> Vesa Kaihlavirta <vegai at hcoop.net> writes:
>> ssh.hcoop.net is the server I should be connecting to, isn't it?
> No, you need to use mire.hcoop.net for passwordless login.
> Kerberos has a mechanism which is very similar to the way HTTPS
> verifies that the hostname you're trying to connect to matches the
> server's certificate.  In this case, mire's "certificate" (actually a
> keytab) is for mire.hcoop.net, not ssh.hcoop.net.

That's too bad.  We don't want to ask members to remember which machines 
go with which services, but we also don't want to name a machine "ssh" 
for Kerberos purposes.  Any suggestions on how to handle this?

More information about the HCoop-Help mailing list