telnetd: Authorization failed. -- [Any kerberos - telnetd setup tutorial ?]

Markus Moeller huaraz at moeller.plus.com
Mon Sep 19 15:09:13 EDT 2005


You have to do add ajay/admin at sxlinux.company.com to .k5login of user ajay 
on engr-167.company.com, then a kinit as ajay/admin at sxlinux.company.com and 
a telnet -F -l ajay engr-167.company.com 545


Markus


"vj" <purpletech at gmail.com> wrote in message 
news:1127153326.200916.204140 at g44g2000cwa.googlegroups.com...
> [ajay at engr-212 ajay]$ telnet -F -l ajay/admin at sxlinux.company.com
> engr-167.company.com 545
> Trying 192.168.50.167...
> Connected to engr-167.company.com (192.168.50.167).
> Escape character is '^]'.
> telnetd: Authorization failed.
> Connection closed by foreign host.
> [ajay at engr-212 ajay]$ klist
> Ticket cache: FILE:/tmp/krb5cc_500
> Default principal: ajay/admin at sxlinux.company.com
>
> Valid starting     Expires            Service principal
> 09/19/05 13:42:00  09/19/05 23:40:19
> krbtgt/sxlinux.company.com at sxlinux.company.com
>
>
> Kerberos 4 ticket cache: /tmp/tkt500
> klist: You have no tickets cached
> [ajay at engr-212 ajay]$
>
>
> App Server [inetd.conf : telnetd -a valid] krb5.conf :
> ---------------------------------------------------------------------------
>
> # cat /etc/krb5.conf
> [libdefaults]
>    ticket_lifetime = 600
>    default_realm = sxlinux.company.com
>    kdc_req_checksum_type = 2
>    checksum_type = 2
>    ccache_type = 1
>    default_tkt_enctypes = des-cbc-crc
>    default_tgs_enctypes = des-cbc-crc
> [appdefaults]
>    telnet = {
>        sxlinux.company.com = {
>            forward = true
>            autologin = true
>            encrypt = true
>        }
>    }
>    pam = {
>        debug = false
>        ticket_lifetime = 36000
>        renew_lifetime = 36000
>        forwardable = true
>        krb4_convert = false
>    }
> [kdc]
>    profile =
> /home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/kdc.conf
> [logging]
>    kdc =
> FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/kdc.log
>    admin_server =
> FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/a
> dm.log
>    default =
> FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin//krb5kdc/log.log
> [realms]
>    sxlinux.company.com = {
>        kdc = 192.168.51.220:88
>        admin_server = 192.168.51.220:749
>        default_domain = company.com
>        auth_to_local_names = {
>            ajay/admin = dominion
>        }
>    }
>
> [domain_realm]
> [capaths]
> [login]
>    rb4_convert = 0
> #
>
> # klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: ajay/admin at sxlinux.company.com
>
> Valid starting     Expires            Service principal
> 09/19/05 13:11:40  09/19/05 17:14:18
> krbtgt/sxlinux.company.com at sxlinux.company.com
>
>
> Kerberos 4 ticket cache: /tmp/tkt0
> klist: You have no tickets cached
> #
>
>
> Thanks.
> vj
> 




More information about the Kerberos mailing list