Telnet encryption vs. NAT
Matt Crawford
crawdad at fnal.gov
Fri Mar 8 13:16:15 EST 2002
I thought we'd seen all the NAT problems already, but this one has me
stumped.
One of my users has (ugh) AOL at home and is NATted. He uses Exceed
telnet
with the Leash32 add-on for Kerberos. He can get an addressless TGT and
service
ticket, so he can connect. He has to turn off forwarding because of the
check
in credential-receiving. But there's one more thing ...
If he leaves telnet session encryption turned on, he gets garbage from
the
host he logs in to. If he turns it off, all is well.
Is this an OOB data bug in his stack or app, or is there some mixing of
the
IP address into the subkey that I am unable to spot in the spec or the
code?
Or is it something else entirely?
More information about the Kerberos
mailing list