[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heimdal and r* client programs



On Tue, Aug 13, 2002 at 07:28:53PM +0200, Johan Danielsson wrote:
> Tillman Hodgson <tillman@seekingfire.com> writes:
> 
> > klogind stream  tcp     nowait  root    /usr/local/libexec/rlogind rlogind -k
> 
> Where did you get this rlogind? Heimdal doesn't come with a
> rlogin/d. If it's from the krb4 package it's krb4 only.
> > open("/usr/lib/libkrb.so.3",0x0,027757775574)    = 3 (0x3)
> This also looks like Kerberos 4.

That cleared up the first piece of the puzzle, thanks :-)

My apologies for being unclear ... because I grepped for klogin in my
first email, it wasn't obvious that I also had the Heimdal rshd
running.

pluto# grep kshell /etc/inetd.conf
kshell  stream  tcp     nowait  root    /usr/local/libexec/rshd rshd -k

pluto# /usr/local/libexec/rshd --version
rshd (heimdal-0.4e, krb4-1.0)
Copyright (c) 1999-2001 Kungliga Tekniska Högskolan

> > athena# /usr/local/bin/rsh pluto
> rsh without a command will just exec rlogin, so this is exactly like
> above. You can try starting an rshd, and try rsh with a command.

Aha! This cleared up most of the rest of the mystery, thanks!

athena# /usr/local/bin/rsh -l tillman pluto uname -a
FreeBSD pluto.seekingfire.prv 4.6-RELEASE FreeBSD 4.6-RELEASE #0: Tue Jun 11 06:14:12 GMT 2002 murray@builder.freebsdmall.com:/usr/src/sys/compile/GENERIC  i386

Success :-)

I suppose that I should be using the Heimdal telnetd for remote shells
rather than rsh (or the non-existent rlogin)? I have telnetd (and ftpd)
working now as well (thanks to a google groups search for the correct
inetd.conf options (-a user)). Ideally, I'd like to have it so that I
can ssh to the OpenSSH 3.4p1 on any server and have the login grant me
the TGT and enable me to ssh elsewhere internally without requiring
passwords, key pairs or .shosts. Are there any good resources for
OpenSSH with v5 Kerberos and GSSAPI?

Thanks for your help,

- Tillman

-- 
The truth of a proposition has nothing to do with its credibility. And
vice versa.
	Robert Heinlein