Subject: Kerberos and NAT
To: None <netbsd-users@netbsd.org>
From: Jukka Salmi <j+nbsd@2004.salmi.ch>
List: netbsd-users
Date: 11/30/2004 20:42:23
Hi,

is anybody successfully using kpasswd on a client behind a NAT device
(kdc "in front of" the NAT device)? The kdc runs on NetBSD 2.0, the
client is -current. The following is logged:

	kpasswdd[2596]: Bad version (65408)
	kpasswdd[2509]: krb5_rd_priv: Incorrect net address

The former message is probably a result of the relatively recent change
to passwd[1] (switch to krb5_set_password), and it doesn't hurt. But the
latter makes passwd fail. I added the external IP address of the NAT device
to libdefaults -> extra_addresses in krb5.conf, but this doesn't help.

Any hints?


TIA, Jukka

[1] http://cvsweb.netbsd.org/bsdweb.cgi/src/usr.bin/passwd/krb5_passwd.c.diff?r1=1.11&r2=1.12

-- 
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~