Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Hadoop >> mail # user >> kerberos principals per node necessary?


Copy link to this message
-
Re: kerberos principals per node necessary?
Its a bad idea, Koert.
When multiple nodes are using the same principal (in this case all the
datanodes ) ,  it will result in server assuming that its a replay attack
and result in denial of service.

More details here :
http://www.cloudera.com/content/cloudera-content/cloudera-docs/CDH4/4.2.1/CDH4-Security-Guide/cdh4sg_topic_17.html#concept_hfv_zqw_wj_unique_1

and here
http://web.mit.edu/kerberos/krb5-devel/doc/basic/rcache_def.html

benoy
On Sun, Feb 2, 2014 at 3:14 PM, Koert Kuipers <[EMAIL PROTECTED]> wrote: