Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

Kerberos FAQ, v2.0 (last modified 8/18/2000)
Section - 1.24. Does Kerberos support multi-homed machines?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Property taxes ]


Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 1.23. What is a "key salt"? "kvno"?
Next Document: 1.25. What is "user to user" authentication?
See reader questions & answers on this topic! - Help others by sharing your knowledge
In both Kerberos 4 and Kerberos 5, a machine's network address is part of
the ticket information. This address is used as an additional check to make
sure the ticket hasn't been stolen and is being used on another machine.

In Kerberos 4, there was room for only one IP address in the ticket, which
did not work with multihomed machines. KTH krb4 includes some hacks to make
it work with Kerberos 4.

Kerberos 5 supports multiple IP addresses in a ticket, thus allowing
Kerberos 5 tickets to deal with multi-homed machines. However, doing so
requires careful configuration of your DNS server. Question 2.14 explains
this in further detail.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000)
Previous Document: 1.23. What is a "key salt"? "kvno"?
Next Document: 1.25. What is "user to user" authentication?

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
Ken Hornstein <kenh@cmf.nrl.navy.mil>





Last Update March 27 2014 @ 02:11 PM