Re: [Kerberos] Error at Handbook?

From: Boris Samorodov (bsam_at_ipt.ru)
Date: 06/14/05

  • Next message: Johan Danielsson: "Re: [Kerberos] Error at Handbook?" 
    To: freebsd-security@FreeBSD.org
Date: Tue, 14 Jun 2005 15:30:33 +0400

    On Sat, 11 Jun 2005 00:17:20 +0400 Boris Samorodov wrote:

    > According to FreeBSD Handbook (14.8.2 Setting up a Heimdal KDC) one
    > should config DNS server by adding:
    > -----
    > _kerberos IN TXT EXAMPLE.ORG.
    > -----

    > This doesn't work. DNS servers returns: text = "EXAMPLE.ORG.".
    > This is right, because RFC 1035 allows up to 16 character strings at
    > this field (assuming that noting should be prepended to the field if
    > it doesn't end with a point).

    > Thus I've got at KDC log:
    > -----
    > 2005-06-10T23:57:07 Server not found in database: krbtgt/EXAMPLE.ORG.@EXAMPLE.ORG: No such entry in the database
    > ----
    > (lookat the point before '@').

    > Everythig is fine when changing DNS TXT record to "EXAMPLE.ORG"
    > (without a dot at the end).

    > I'm going to file a DOC/PR, but what security guru can say on the
    > matter? Am I missing smth? I'm far away from thinking that I'm the
    > only user who is using the Handbook to configure kerberos on FreeBSD...

    As nobody complained so far, I filed a PR:
    -----
    http://www.freebsd.org/cgi/query-pr.cgi?pr=82223

    >Category: docs
    >Responsible: freebsd-doc
    >Synopsis: [Kerberos] Error at Handbook
    >Arrival-Date: Tue Jun 14 10:40:23 GMT 2005
    -----

    WBR 

    -- 
bsam
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
  • Next message: Johan Danielsson: "Re: [Kerberos] Error at Handbook?"