telnetd: Authorization failed. -- [Any kerberos - telnetd setup tutorial ?]
Markus Moeller
huaraz at moeller.plus.com
Mon Sep 19 15:09:13 EDT 2005
You have to do add ajay/admin at sxlinux.company.com to .k5login of user ajay
on engr-167.company.com, then a kinit as ajay/admin at sxlinux.company.com and
a telnet -F -l ajay engr-167.company.com 545
Markus
"vj" <purpletech at gmail.com> wrote in message
news:1127153326.200916.204140 at g44g2000cwa.googlegroups.com...
> [ajay at engr-212 ajay]$ telnet -F -l ajay/admin at sxlinux.company.com
> engr-167.company.com 545
> Trying 192.168.50.167...
> Connected to engr-167.company.com (192.168.50.167).
> Escape character is '^]'.
> telnetd: Authorization failed.
> Connection closed by foreign host.
> [ajay at engr-212 ajay]$ klist
> Ticket cache: FILE:/tmp/krb5cc_500
> Default principal: ajay/admin at sxlinux.company.com
>
> Valid starting Expires Service principal
> 09/19/05 13:42:00 09/19/05 23:40:19
> krbtgt/sxlinux.company.com at sxlinux.company.com
>
>
> Kerberos 4 ticket cache: /tmp/tkt500
> klist: You have no tickets cached
> [ajay at engr-212 ajay]$
>
>
> App Server [inetd.conf : telnetd -a valid] krb5.conf :
> ---------------------------------------------------------------------------
>
> # cat /etc/krb5.conf
> [libdefaults]
> ticket_lifetime = 600
> default_realm = sxlinux.company.com
> kdc_req_checksum_type = 2
> checksum_type = 2
> ccache_type = 1
> default_tkt_enctypes = des-cbc-crc
> default_tgs_enctypes = des-cbc-crc
> [appdefaults]
> telnet = {
> sxlinux.company.com = {
> forward = true
> autologin = true
> encrypt = true
> }
> }
> pam = {
> debug = false
> ticket_lifetime = 36000
> renew_lifetime = 36000
> forwardable = true
> krb4_convert = false
> }
> [kdc]
> profile =
> /home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/kdc.conf
> [logging]
> kdc =
> FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/kdc.log
> admin_server =
> FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin/var/krb5kdc/a
> dm.log
> default =
> FILE://home/ajay/Kerberos/Intel/krb5-1.4.2/bin//krb5kdc/log.log
> [realms]
> sxlinux.company.com = {
> kdc = 192.168.51.220:88
> admin_server = 192.168.51.220:749
> default_domain = company.com
> auth_to_local_names = {
> ajay/admin = dominion
> }
> }
>
> [domain_realm]
> [capaths]
> [login]
> rb4_convert = 0
> #
>
> # klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: ajay/admin at sxlinux.company.com
>
> Valid starting Expires Service principal
> 09/19/05 13:11:40 09/19/05 17:14:18
> krbtgt/sxlinux.company.com at sxlinux.company.com
>
>
> Kerberos 4 ticket cache: /tmp/tkt0
> klist: You have no tickets cached
> #
>
>
> Thanks.
> vj
>
More information about the Kerberos
mailing list