Kerberized rsh/rlogin on FreeBSD and NetBSD?

Donn Cave donn at u.washington.edu
Thu Mar 7 12:00:20 EST 2002


Quoth "Chris Schadl" <cschadl at nospamsatan.org.uk>:
| Hi,
|
| When I try to rlogin or rsh to my NetBSD or FreeBSD machines with
| kerberos support, I get the error "Couldn't authenticate to server: Bad
| sendauth version was sent".  Looking in the syslogs of these hosts, I see
| the following:
|
| Mar  6 22:12:07 ryoko rlogind[37294]: usage: rlogind [-Dalnx]
| Mar  6 22:12:07 ryoko rlogind[37294]: usage: rlogind [-Dalnx]
| Mar  6 22:12:07 ryoko rlogind[37294]: Connection from 192.168.0.2 on illegal port
|
| (that's on the FreeBSD host; I get something simmilar on the NetBSD
| server)
|
| rlogind and rshd are set in inetd.conf to use the -k flag to enable
| Kerberos authentication, however the errors in my syslog would seem to
| indicate that the -k flag is not supported.  Does anyone what I have to
| do to get kerberos rsh/rlogin working on these platforms?

On NetBSD 1.5, it doesn't look to me like /usr/libexec/rlogind supports
Kerberos.  Only /usr/libexec/telnetd.  Same story in the clients - only
telnet supports Kerberos.  (Host/service principal lookup in this telnet
has the same bug as in MIT's ftp, multiple lookups lose in a dynamic DNS
environment.)  Well, ssh looks like it might support Kerberos 4, but
I wouldn't expect that to do you much good.

	Donn Cave, donn at u.washington.edu



More information about the Kerberos mailing list