> Hello,
>
> when I read documentation for PgSQL 8.1beta3 about
> krb_server_hostname I think that it's enough insert into
> kerberos keytab only:
> krb_srvname/krb_server_hostname@REALM
> But pgsql have different behaviour for:
>
> # psql -U pgsql -h localhost template1
> psql: krb5_sendauth: Server not found in Kerberos database
>
> and
>
> # psql -U pgsql -h dejmal template1
> Welcome to psql 8.1beta3, the PostgreSQL interactive terminal.
>
> Part of postgresql.conf:
> # Kerberos
> krb_server_keyfile = '/data/pgsql/pgsql.keytab'
> krb_srvname = 'pgsql'
> krb_server_hostname = 'dejmal'
> krb_caseins_users = off
>
> Part of pg_hba.conf (dejmal has IP 192.168.1.13):
> host all all 127.0.0.1/32 krb5
> host all all 192.168.1.13/32 krb5
>
> Do you have any idea what's going wrong?
postgresql.conf only affects the server. The krb_srerver_hostname
parameter is intended for virtual hosting where postgresql is listening
on a non-default interface/hostname.
For the client you must use the appropriate FQDN that will resolve to
the SPN.
//Magnus
