Kerberizing a non-kerberized telnet client

Burkhardt, Andrew Andrew.Burkhardt at PEC.com
Fri May 14 13:12:41 EDT 2004


Have you heard of any Kerberos "proxy" servers?  A proxy which would handle kerberos requests on behalf of the non-kerberized client? 

-----Original Message-----
From: Sam Hartman
To: Burkhardt, Andrew
Cc: 'kerberos at mit.edu'
Sent: 5/14/2004 1:52 AM
Subject: Re: Kerberizing a non-kerberized telnet client

>>>>> "Burkhardt," == Burkhardt, Andrew <Andrew.Burkhardt at PEC.com>
writes:

    Burkhardt,> Hi, We have setup a test Windows Server 2003
    Burkhardt,> Domain/KDC.  We have a Windows 2000 Professional
    Burkhardt,> computer using the kerberized Ktelnet client,
    Burkhardt,> connecting to a Red Hat 9 Linux box running kerberized
    Burkhardt,> telnetd, and successfully authenticating using
    Burkhardt,> Kerberos.  Basically, everything is running correctly
    Burkhardt,> in the environment.  The problem is we use a
    Burkhardt,> non-kerberized telnet client in the field.  We are
    Burkhardt,> heavily dependant on this client, meaning we can not
    Burkhardt,> change clients and fyi, there are no kerberized
    Burkhardt,> upgrade for this client.  Is there a way to "wrap" a
    Burkhardt,> non-kerberized telnet client so it will use kerberos
    Burkhardt,> authentication?  Has anyone had any experience with
    Burkhardt,> this problem?  I am looking for any suggestions. Many
    Burkhardt,> thanks!

You could use Kerberized ssh to forward the telnet port.  You would
not get single sign-on, but you would at least get security.


More information about the Kerberos mailing list