Are the -a and -F options mutually exclusive?

Scott Simpson ssimpson at visionsolutions.com
Thu Jan 27 21:54:36 EST 2005


This is a multi-part message in MIME format.

------=_NextPart_000_0008_01C504A1.A59D6A90
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Kerberos 5 1.3.6, Linux, "telnetd -a none"

I am using the -a and -F options to log in automatically and forward =
tickets using telnet. The options seem to be exclusive. Are they?

Witness the following typescript (klist5 is an alias to the right =
klist):

Script started on Thu Jan 27 18:35:22 2005
ssimpson at vu15:/apps/build$ klist5                Already have a ticket
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: ssimpson at VISIONSOLUTIONS.COM

Valid starting     Expires            Service principal
01/27/05 18:27:43  01/28/05 18:27:43  =
krbtgt/VISIONSOLUTIONS.COM at VISIONSOLUTIONS.COM
01/27/05 18:28:07  01/28/05 18:27:43  =
host/vu15.visionsolutions.com at VISIONSOLUTIONS.COM


Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
ssimpson at vu15:/apps/build$ /apps/local/bin/telnet -a vu15    Try =
automatic login
Trying 10.1.255.15...
Connected to vu15.visionsolutions.com (10.1.255.15).
Escape character is '^]'.
[ Kerberos V5 accepts you as ``ssimpson at VISIONSOLUTIONS.COM'' ]
Last login: Thu Jan 27 18:35:06 from vu15
ssimpson at vu15:~$ klist5                                   See if =
automatic login gave ticket
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_p9332)


Kerberos 4 ticket cache: /tmp/tkt500                   Nope
klist: You have no tickets cached
ssimpson at vu15:~$ logout
Connection closed by foreign host.
ssimpson at vu15:/apps/build$ /apps/local/bin/telnet -F vu15 Try =
forwarding, no auto login
Trying 10.1.255.15...
Connected to vu15.visionsolutions.com (10.1.255.15).
Escape character is '^]'.

    vu15 (Linux release 2.6.5-7.111.19-default #1 Fri Dec 10 15:10:58 =
UTC 2004) (11)

login: ssimpson                                                       =
Have to log in manually
Password for ssimpson:=20
Last login: Thu Jan 27 18:35:43 from vu15
ssimpson at vu15:~$ klist5                                      Got ticket =
this time
Ticket cache: FILE:/tmp/krb5cc_p9407
Default principal: ssimpson at VISIONSOLUTIONS.COM

Valid starting     Expires            Service principal
01/27/05 18:36:08  01/28/05 18:36:08  =
krbtgt/VISIONSOLUTIONS.COM at VISIONSOLUTIONS.COM


Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
ssimpson at vu15:~$ logout
Connection closed by foreign host.
ssimpson at vu15:/apps/build$ /apps/local/bin/telnet -a -F vu15          =
Try both
Trying 10.1.255.15...
Connected to vu15.visionsolutions.com (10.1.255.15).
Escape character is '^]'.
[ Kerberos V5 accepts you as ``ssimpson at VISIONSOLUTIONS.COM'' ]
Last login: Thu Jan 27 18:36:08 from vu15
ssimpson at vu15:~$ klist5
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_p9470)


Kerberos 4 ticket cache: /tmp/tkt500                       No ticket!
klist: You have no tickets cached
ssimpson at vu15:~$ logout
Connection closed by foreign host.
ssimpson at vu15:/apps/build$ exit

Script done on Thu Jan 27 18:36:35 2005

------=_NextPart_000_0008_01C504A1.A59D6A90
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1479" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV><FONT face=3DArial size=3D2><EM>Kerberos 5 1.3.6, Linux, "telnetd =
-a=20
none"</EM></FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>I am using the<STRONG> -a</STRONG> and=20
<STRONG>-F</STRONG> options to log in automatically and forward tickets =
using=20
telnet. The options seem to be exclusive. Are they?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Witness the following typescript (<FONT =

face=3DCourier>klist5</FONT> is an alias to the right =
klist):</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT color=3D#0000ff><FONT face=3DArial size=3D2>Script started on =
Thu Jan 27=20
18:35:22 2005<BR></FONT><FONT face=3DArial=20
size=3D2>ssimpson at vu15:/apps/build$</FONT></FONT><FONT =
color=3D#0000ff><FONT=20
face=3DArial size=3D2>=20
klist5&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;=20
<EM><FONT color=3D#000000>Already have a ticket<BR></FONT></EM>Ticket =
cache:=20
FILE:/tmp/krb5cc_500<BR>Default principal: </FONT><FONT face=3DArial=20
size=3D2>ssimpson at VISIONSOLUTIONS.COM</FONT></FONT></DIV>
<DIV><FONT face=3DArial color=3D#0000ff size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT color=3D#0000ff><FONT face=3DArial size=3D2>Valid=20
starting&nbsp;&nbsp;&nbsp;&nbsp;=20
Expires&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
=20
Service principal<BR>01/27/05 18:27:43&nbsp; 01/28/05 18:27:43&nbsp;=20
</FONT><FONT face=3DArial=20
size=3D2>krbtgt/VISIONSOLUTIONS.COM at VISIONSOLUTIONS.COM</FONT><BR><FONT =
face=3DArial=20
size=3D2>01/27/05 18:28:07&nbsp; 01/28/05 18:27:43&nbsp; </FONT><FONT =
face=3DArial=20
size=3D2>host/vu15.visionsolutions.com at VISIONSOLUTIONS.COM</FONT></FONT><=
/DIV>
<DIV><FONT face=3DArial color=3D#0000ff size=3D2></FONT>&nbsp;</DIV>
<DIV><BR><FONT face=3DArial color=3D#0000ff size=3D2>Kerberos 4 ticket =
cache:=20
/tmp/tkt500<BR>klist: You have no tickets cached<BR></FONT><FONT =
face=3DArial=20
color=3D#ff00ff size=3D2>ssimpson at vu15:/apps/build$</FONT><FONT =
color=3D#ff00ff><FONT=20
face=3DArial size=3D2> /apps/local/bin/telnet -a vu15&nbsp;&nbsp;&nbsp; =
<EM><FONT=20
color=3D#000000>Try automatic login</FONT><BR></EM>Trying=20
10.1.255.15...<BR>Connected to vu15.visionsolutions.com =
(10.1.255.15).<BR>Escape=20
character is '^]'.<BR>[ Kerberos V5 accepts you as </FONT><FONT =
face=3DArial=20
size=3D2>``ssimpson at VISIONSOLUTIONS.COM''</FONT></FONT><FONT =
color=3D#ff00ff><FONT=20
face=3DArial size=3D2> ]<BR>Last login: Thu Jan 27 18:35:06 from=20
vu15<BR></FONT><FONT face=3DArial =
size=3D2>ssimpson at vu15:~$</FONT></FONT><FONT=20
face=3DArial color=3D#ff00ff size=3D2>=20
klist5&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=20
<FONT color=3D#000000><EM>See if automatic login gave =
ticket<BR></EM></FONT>klist:=20
No credentials cache found (ticket cache =
FILE:/tmp/krb5cc_p9332)</FONT></DIV>
<DIV><FONT face=3DArial color=3D#ff00ff size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2></FONT><BR><FONT color=3D#ff00ff><FONT =
face=3DArial=20
size=3D2>Kerberos 4 ticket cache:=20
/tmp/tkt500&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=20
<EM><FONT color=3D#000000>Nope</FONT></EM><BR>klist: You have no tickets =

cached<BR></FONT><FONT face=3DArial =
size=3D2>ssimpson at vu15:~$</FONT></FONT><FONT=20
face=3DArial color=3D#ff00ff size=3D2> logout<BR>Connection closed by =
foreign=20
host.<BR></FONT><FONT face=3DArial color=3D#0000ff=20
size=3D2>ssimpson at vu15:/apps/build$</FONT><FONT face=3DArial =
color=3D#0000ff size=3D2>=20
/apps/local/bin/telnet -F vu15 <EM><FONT color=3D#000000>Try forwarding, =
no auto=20
login</FONT></EM><BR>Trying 10.1.255.15...<BR>Connected to=20
vu15.visionsolutions.com (10.1.255.15).<BR>Escape character is=20
'^]'.</FONT></DIV>
<DIV><FONT face=3DArial color=3D#0000ff size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial color=3D#0000ff size=3D2>&nbsp;&nbsp;&nbsp; vu15 =
(Linux=20
release 2.6.5-7.111.19-default #1 Fri Dec 10 15:10:58 UTC 2004)=20
(11)</FONT></DIV>
<DIV><FONT face=3DArial color=3D#0000ff size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT color=3D#0000ff><FONT face=3DArial size=3D2>login:=20
ssimpson&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=20
<FONT color=3D#000000><EM>Have to log in =
manually<BR></EM></FONT>Password for=20
ssimpson: <BR>Last login: Thu Jan 27 18:35:43 from vu15<BR></FONT><FONT=20
face=3DArial size=3D2>ssimpson at vu15:~$</FONT></FONT><FONT =
color=3D#0000ff><FONT=20
face=3DArial size=3D2>=20
klist5&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;=20
<EM><FONT color=3D#000000>Got ticket this time</FONT></EM><BR>Ticket =
cache:=20
FILE:/tmp/krb5cc_p9407<BR>Default principal: </FONT><FONT face=3DArial=20
size=3D2>ssimpson at VISIONSOLUTIONS.COM</FONT></FONT></DIV>
<DIV><FONT face=3DArial color=3D#0000ff size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT color=3D#0000ff><FONT face=3DArial size=3D2>Valid=20
starting&nbsp;&nbsp;&nbsp;&nbsp;=20
Expires&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
=20
Service principal<BR>01/27/05 18:36:08&nbsp; 01/28/05 18:36:08&nbsp;=20
</FONT><FONT face=3DArial=20
size=3D2>krbtgt/VISIONSOLUTIONS.COM at VISIONSOLUTIONS.COM</FONT></FONT></DI=
V>
<DIV><FONT face=3DArial color=3D#0000ff size=3D2></FONT>&nbsp;</DIV>
<DIV><BR><FONT color=3D#0000ff><FONT face=3DArial size=3D2>Kerberos 4 =
ticket cache:=20
/tmp/tkt500<BR>klist: You have no tickets cached<BR></FONT><FONT =
face=3DArial=20
size=3D2>ssimpson at vu15:~$</FONT></FONT><FONT face=3DArial =
color=3D#0000ff size=3D2>=20
logout<BR>Connection closed by foreign host.<BR></FONT><FONT =
face=3DArial=20
color=3D#ff00ff size=3D2>ssimpson at vu15:/apps/build$</FONT><FONT =
color=3D#ff00ff><FONT=20
face=3DArial size=3D2> /apps/local/bin/telnet -a -F=20
vu15&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <EM><FONT=20
color=3D#000000>Try both</FONT></EM><BR>Trying =
10.1.255.15...<BR>Connected to=20
vu15.visionsolutions.com (10.1.255.15).<BR>Escape character is =
'^]'.<BR>[=20
Kerberos V5 accepts you as </FONT><FONT face=3DArial=20
size=3D2>``ssimpson at VISIONSOLUTIONS.COM''</FONT></FONT><FONT =
color=3D#ff00ff><FONT=20
face=3DArial size=3D2> ]<BR>Last login: Thu Jan 27 18:36:08 from=20
vu15<BR></FONT><FONT face=3DArial =
size=3D2>ssimpson at vu15:~$</FONT></FONT><FONT=20
face=3DArial color=3D#ff00ff size=3D2> klist5<BR>klist: No credentials =
cache found=20
(ticket cache FILE:/tmp/krb5cc_p9470)</FONT></DIV>
<DIV><FONT face=3DArial color=3D#ff00ff size=3D2></FONT>&nbsp;</DIV>
<DIV><BR><FONT color=3D#ff00ff><FONT face=3DArial size=3D2>Kerberos 4 =
ticket cache:=20
/tmp/tkt500&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=20
<EM><FONT color=3D#000000>No ticket!<BR></FONT></EM>klist: You have no =
tickets=20
cached<BR></FONT><FONT face=3DArial =
size=3D2>ssimpson at vu15:~$</FONT></FONT><FONT=20
color=3D#ff00ff><FONT face=3DArial size=3D2> logout<BR>Connection closed =
by foreign=20
host.<BR></FONT><FONT face=3DArial =
size=3D2>ssimpson at vu15:/apps/build$</FONT><FONT=20
face=3DArial size=3D2> exit</FONT></FONT></DIV>
<DIV><FONT face=3DArial color=3D#ff00ff size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial color=3D#ff00ff size=3D2>Script done on Thu Jan =
27 18:36:35=20
2005<BR></FONT></DIV></BODY></HTML>

------=_NextPart_000_0008_01C504A1.A59D6A90--



More information about the Kerberos mailing list