Hi list,
I have noticed that there is a slight difference in host principals when joining to AD using "net" command or via "adcli/realm".
All commands generates the short version (i.e. as per "hostname -s") in capital letters in AD, but in local kerberos keytab, the "net" command generates all "host/" principals lower case, but "adcli" generates then upper case - which renders kerberized access via ssh unusable in case we specify hostname without the domain suffix:
# cat /etc/hostname
Myshostname
Question, why do you convert the short hostname to uppercase? Why is sshd so picky about lower/upper cases for the host principals in Kerberos keytab?
Thanks,
Ondrej
-----
The information contained in this e-mail and in any attachments is confidential and is designated solely for the attention of the intended recipient(s). If you are not an intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or any part thereof. If you have received this e-mail in error, please notify the sender by return e-mail and delete all copies of this e-mail from your computer system(s). Please direct any additional queries to: communications(a)s3group.com. Thank You. Silicon and Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office: South County Business Park, Leopardstown, Dublin 18.