When I run a klist
after ssh-ing into a Kerberized instance, I obtain the TGS for the principal host/vmtest001
, however, why do I get two of them including one with no REALM after the @
separator?
Here is the output of klist
:
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: athena@EXAMPLE.COM
Valid starting Expires Service principal
06/13/21 21:05:00 06/14/21 07:05:00 krbtgt/EXAMPLE.COM@EXAMPLE.COM
renew until 06/14/21 21:04:59
06/13/21 21:05:03 06/14/21 07:05:00 host/vmtest001@
renew until 06/14/21 21:04:59
06/13/21 21:05:03 06/14/21 07:05:00 host/vmtest001@EXAMPLE.COM
renew until 06/14/21 21:04:59