Date: Tue, 14 Jun 2005 15:30:33 +0400 From: Boris Samorodov <bsam@ipt.ru> To: freebsd-security@FreeBSD.org Subject: Re: [Kerberos] Error at Handbook? Message-ID: <56012134@srv.sem.ipt.ru> In-Reply-To: <22142911@srv.sem.ipt.ru> (Boris Samorodov's message of "Sat, 11 Jun 2005 00:17:20 %2B0400") References: <22142911@srv.sem.ipt.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 11 Jun 2005 00:17:20 +0400 Boris Samorodov wrote: > According to FreeBSD Handbook (14.8.2 Setting up a Heimdal KDC) one > should config DNS server by adding: > ----- > _kerberos IN TXT EXAMPLE.ORG. > ----- > This doesn't work. DNS servers returns: text = "EXAMPLE.ORG.". > This is right, because RFC 1035 allows up to 16 character strings at > this field (assuming that noting should be prepended to the field if > it doesn't end with a point). > Thus I've got at KDC log: > ----- > 2005-06-10T23:57:07 Server not found in database: krbtgt/EXAMPLE.ORG.@EXAMPLE.ORG: No such entry in the database > ---- > (lookat the point before '@'). > Everythig is fine when changing DNS TXT record to "EXAMPLE.ORG" > (without a dot at the end). > I'm going to file a DOC/PR, but what security guru can say on the > matter? Am I missing smth? I'm far away from thinking that I'm the > only user who is using the Handbook to configure kerberos on FreeBSD... As nobody complained so far, I filed a PR: ----- http://www.freebsd.org/cgi/query-pr.cgi?pr=82223 >Category: docs >Responsible: freebsd-doc >Synopsis: [Kerberos] Error at Handbook >Arrival-Date: Tue Jun 14 10:40:23 GMT 2005 ----- WBR -- bsam
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56012134>