telnetd: Authorization failed. -- [Any kerberos - telnetd setup tutorial ?]
vj
purpletech at gmail.com
Mon Sep 19 14:08:46 EDT 2005
[ajay at engr-212 ajay]$ telnet -F -l ajay/admin at sxlinux.company.com
engr-167.company.com 545
Trying 192.168.50.167...
Connected to engr-167.company.com (192.168.50.167).
Escape character is '^]'.
telnetd: Authorization failed.
Connection closed by foreign host.
[ajay at engr-212 ajay]$ klist
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: ajay/admin at sxlinux.company.com
Valid starting Expires Service principal
09/19/05 13:42:00 09/19/05 23:40:19
krbtgt/sxlinux.company.com at sxlinux.company.com
Kerberos 4 ticket cache: /tmp/tkt500
klist: You have no tickets cached
[ajay at engr-212 ajay]$
App Server [inetd.conf : telnetd -a valid] krb5.conf :
---------------------------------------------------------------------------
# cat /etc/krb5.conf
[libdefaults]
ticket_lifetime = 600
default_realm = sxlinux.company.com
kdc_req_checksum_type = 2
checksum_type = 2
ccache_type = 1
default_tkt_enctypes = des-cbc-crc
default_tgs_enctypes = des-cbc-crc
[appdefaults]
telnet = {
sxlinux.company.com = {
forward = true
autologin = true
encrypt = true
}
}
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
[kdc]
profile =
/home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/kdc.conf
[logging]
kdc =
FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/kdc.log
admin_server =
FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/a
dm.log
default =
FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin//krb5kdc/log.log
[realms]
sxlinux.company.com = {
kdc = 192.168.51.220:88
admin_server = 192.168.51.220:749
default_domain = company.com
auth_to_local_names = {
ajay/admin = dominion
}
}
[domain_realm]
[capaths]
[login]
rb4_convert = 0
#
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: ajay/admin at sxlinux.company.com
Valid starting Expires Service principal
09/19/05 13:11:40 09/19/05 17:14:18
krbtgt/sxlinux.company.com at sxlinux.company.com
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
#
Thanks.
vj
More information about the Kerberos
mailing list