telnetd: Authorization failed. -- [Any kerberos - telnetd setup tutorial ?]

vj purpletech at gmail.com
Mon Sep 19 14:08:46 EDT 2005


[ajay at engr-212 ajay]$ telnet -F -l ajay/admin at sxlinux.company.com
engr-167.company.com 545
Trying 192.168.50.167...
Connected to engr-167.company.com (192.168.50.167).
Escape character is '^]'.
telnetd: Authorization failed.
Connection closed by foreign host.
[ajay at engr-212 ajay]$ klist
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: ajay/admin at sxlinux.company.com

Valid starting     Expires            Service principal
09/19/05 13:42:00  09/19/05 23:40:19
krbtgt/sxlinux.company.com at sxlinux.company.com


Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
[ajay at engr-212 ajay]$


App Server [inetd.conf : telnetd -a valid] krb5.conf :
---------------------------------------------------------------------------

# cat /etc/krb5.conf
[libdefaults]
    ticket_lifetime = 600
    default_realm = sxlinux.company.com
    kdc_req_checksum_type = 2
    checksum_type = 2
    ccache_type = 1
    default_tkt_enctypes = des-cbc-crc
    default_tgs_enctypes = des-cbc-crc
[appdefaults]
    telnet = {
        sxlinux.company.com = {
            forward = true
            autologin = true
            encrypt = true
        }
    }
    pam = {
        debug = false
        ticket_lifetime = 36000
        renew_lifetime = 36000
        forwardable = true
        krb4_convert = false
    }
[kdc]
    profile =
/home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/kdc.conf
[logging]
    kdc =
FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/kdc.log
    admin_server =
FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/a
dm.log
    default =
FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin//krb5kdc/log.log
[realms]
    sxlinux.company.com = {
        kdc = 192.168.51.220:88
        admin_server = 192.168.51.220:749
        default_domain = company.com
        auth_to_local_names = {
            ajay/admin = dominion
        }
    }

[domain_realm]
[capaths]
[login]
    rb4_convert = 0
#

# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: ajay/admin at sxlinux.company.com

Valid starting     Expires            Service principal
09/19/05 13:11:40  09/19/05 17:14:18
krbtgt/sxlinux.company.com at sxlinux.company.com


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
# 


Thanks.
vj



More information about the Kerberos mailing list