Kerberizing a non-kerberized telnet client

[Jeffrey Altman]

The TELNET START-TLS, TELNET AUTH KRB5 and TELNET AUTH ENCRYPT options
are linked together but have no relationship with other TELNET options.
Most important, it is required that these three options be negotiated
prior to any other options.  It would be possible to implement a
winsock wrapper which would always attempt to negotiate the secure
telnet options.  The most important trick is to cache any other 
attempted telnet negotiations until after the security options have
completed.

Feel free to contact me privately if you would like to see this developed.

Jeffrey Altman


Burkhardt, Andrew wrote:

> Hi,
> 
>   We have setup a test Windows Server 2003 Domain/KDC.  We have a Windows
> 2000 Professional computer using the kerberized Ktelnet client, connecting
> to a Red Hat 9 Linux box running kerberized telnetd, and successfully
> authenticating using Kerberos.  Basically, everything is running correctly
> in the environment.  The problem is we use a non-kerberized telnet client in
> the field.  We are heavily dependant on this client, meaning we can not
> change clients and fyi, there are no kerberized upgrade for this client.  Is
> there a way to "wrap" a non-kerberized telnet client so it will use kerberos
> authentication?  Has anyone had any experience with this problem?  I am
> looking for any suggestions. Many thanks!
> 
> Andy  
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
> 

-- 
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu