| From: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
|---|---|
| To: | "Ludek Finstrle" <luf(at)pzkagis(dot)cz>, <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: krb_server_hostname |
| Date: | 2005-10-23 16:50:02 |
| Message-ID: | 6BCB9D8A16AC4241919521715F4D8BCE92E784@algol.sollentuna.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
> Hello,
>
> when I read documentation for PgSQL 8.1beta3 about
> krb_server_hostname I think that it's enough insert into
> kerberos keytab only:
> krb_srvname/krb_server_hostname(at)REALM
> But pgsql have different behaviour for:
>
> # psql -U pgsql -h localhost template1
> psql: krb5_sendauth: Server not found in Kerberos database
>
> and
>
> # psql -U pgsql -h dejmal template1
> Welcome to psql 8.1beta3, the PostgreSQL interactive terminal.
>
> Part of postgresql.conf:
> # Kerberos
> krb_server_keyfile = '/data/pgsql/pgsql.keytab'
> krb_srvname = 'pgsql'
> krb_server_hostname = 'dejmal'
> krb_caseins_users = off
>
> Part of pg_hba.conf (dejmal has IP 192.168.1.13):
> host all all 127.0.0.1/32 krb5
> host all all 192.168.1.13/32 krb5
>
> Do you have any idea what's going wrong?
postgresql.conf only affects the server. The krb_srerver_hostname
parameter is intended for virtual hosting where postgresql is listening
on a non-default interface/hostname.
For the client you must use the appropriate FQDN that will resolve to
the SPN.
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Steinar H. Gunderson | 2005-10-23 16:55:00 | Re: Need help in setting optimal configuration for a huge |
| Previous Message | Craig A. James | 2005-10-23 16:31:44 | Re: Need help in setting optimal configuration for a huge |