3DES or equivalent telnet encryption with kerberos

Markus Moeller markus_moeller at compuserve.com
Sat Sep 20 06:17:52 EDT 2003


I would like to encrypt a kerberised telnet session stronger then with DES.
I assume that this has been done in the past, but I haven't found any
example. But I found the below telnet client/server source from the srp
project which has 3DES/CAST128 encryption and modified the kerberos5.c file
to allow 3DES encryption.

The source can be found at http://srp.stanford.edu/source/srp-2.0.0.tar.gz
together with the attached patch and the below configure command I got it to
work on Suse Linux with MIT 1.3.1 and a W2k kdc and RC4-hmac cipher.

LDFLAGS="-Wl,-R/usr/kerberos/lib" \
./configure  --with-krb5=/src/mitk5-131/kerberos/src --without-srp
--without-cast --disable-tls

As I am not an expert in cryptography I would like to know if this is
correctly implemented.

Thank you for any help/suggestions.

Markus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: telnet.diff
Type: application/octet-stream
Size: 7265 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20030920/176c6f03/attachment.obj


More information about the Kerberos mailing list