Problems with kerberized telnetd and telnet

Kenneth Stephen y2kmvs at ebiz.austin.ibm.com
Mon Jan 13 16:21:06 EST 2003


Hi,

	I'm using the Debian GNU/Linux version of kerberized telnetd and
telnet and am trying to do kerberos based telnet logins. The steps I
follow are (1) kinit (2) telnet -F <telnet server>, but I get a failure.
Here are the gory details :

ken at sid:~$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: y2kmvs at ebiz.austin.ibm.com

Valid starting     Expires            Service principal
01/13/03 13:36:15  01/13/03 23:35:38  krbtgt/ebiz.austin.ibm.com at ebiz.austin.ibm.com


Kerberos 4 ticket cache: /tmp/tkt1000
klist: You have no tickets cached

ken at sid:~$ telnet -F -k ebiz.austin.ibm.com ebiz.austin.ibm.com
Trying A.B.C.D...
Connected to ebiz.austin.ibm.com (A.B.C.D).
Escape character is '^]'.
telnetd: No authentication provided.
Connection closed by foreign host.

	An ethereal trace shows the following exchange :

client --> server
	Telnet commands :
		Do Encryption Option
		Will Encryption Option
		Do Suppress Go Ahead
		Will Terminal Type
		Will Negotiate About Window Size
		Will Terminal Speed
		Will Remote Flow Control
		Will Linemode
		Will New Environment Option
		Do Status
		Will X Display Location

server --> client
	Telnet commands :
		Do Authentication Option

client --> server
	Telnet commands :
		Wont Authentication Option

server --> client
	Telnet commands :
		Will Encryption Option
		Do Encryption Option
			Send your Encryption Option
		Will Suppress Go Ahead
		Do Terminal Type
		Do Negotiate About Window Size
		Do Terminal Speed
		Do Remote Flow Control
		Dont Linemode
		Do New Environment Option
		Will Status
		Do X Display Location

server --> client
	Telnet commands :
		Do Environment Option

client --> server
	Telnet commands :
		Encryption Option
			Send your Encryption Option
		Negotiate About Window Size
			Heres my Negotiate About Window Size
			Value: i\000F

client --> server
	Telnet commands :
		Wont Environment Option

server --> client
	Telnet commands :
		Terminal Speed
			Send your Terminal Speed
		X Display Location
			Send your X Display Location
		New Environment Option
			Send your New Environment Option
		Terminal Type
			Send your Terminal Type

client --> server
	Telnet commands :
		Terminal Speed
			Here's my Terminal Speed
			Value: 38400,38400
		X Display Location
			Here's my X Display Location
			Value: localhost:10.0
		New Environment Option
			Here's my New Environment Option
			Value: \000DISPLAY\001localhost:10.0
		Terminal Type
			Here's my Terminal Type
			Value: XTERM

server --> client
	Data:
		telnetd: No Authentication provided. \r\n

....and the server initiates a connection close.

	telnetd is being started with a '-a user' option. Is this not the
right option for Kerberos authentication? Why does the client claim that
it wont do authentication?

Thanks,
Kenneth




More information about the Kerberos mailing list