Telnet authentication problem
Jeffrey Altman
jaltman2 at nyc.rr.com
Wed Nov 30 12:55:26 EST 2005
Inger, Slav (.) wrote:
> Hello,
>
> Having an issue getting telnetd and telnet to work together to enable
> single sign-on. Have the latest MIT Kerberos distribution, compiled and
> running on Debian Linux. Can get TGTs, gss-client/gss-server are
> working fine, and I can get single sign-on with rlogin/klogind. But not
> with telnet. inetd is invoking telnetd with '-a valid' flag, but it's
> always prompting me for a password with the TGT already present. When I
> run 'klist' afterwards, no TGS was obtained. And if I request an
> ecrypted telnet session, telnetd comes back with "authorization failed".
> Auth is taking place within a single realm.
>
> Any ideas? TIA!
Your service principals do not have single DES enctypes. The MIT
Telnet only supports single DES. The Telnet distribution from
http://srp.stanford.edu contains support for the triple DES extensions.
Jeffrey Altman
More information about the Kerberos
mailing list