[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: telnetd need inetd??



Hello,

Use hostnames instead of IP addresses.

Make sure your server has a keytab matching up with the hostname.


Love

1 jul 2008 kl. 11.04 skrev $)AMu?:

> Thank you for your advice. I tried xinetd for
> heimdal's telnetd and it works well.
>
> But I have another problem:
> My kdc and telnetd were run at the same PC and client
> is another PC.
> Clinet got TGT from kdc successfully.
> Then I add random key in kdc.
> When run telnet in Client PC, I can login the server,
> but didn't under the kerberos.
> This process is:
> [root@kerberosA bin]# ./telnet 192.168.0.30
> Trying 192.168.0.30...
> Connected to 192.168.0.30.
> Escape character is '^]'.
> Waiting for encryption to be negotiated...
>
> *** Connection not encrypted! Communication may be
> eavesdropped. ***
> Encryption negotiated.
> Password:
> Login incorrect
>
> login: jdoe
> Password:
> Last login: Tue Jul  1 17:38:23 from kerberosB
> [jdoe@kerberosA ~]$
>
> The tcpdump said there is not kerberos's data.
> I am confused and don't know how to get TGS for
> client?
> And why client can telnet the heimdal's telnetd server
> without kerberos?
>
> Thanks in advance!
>
>> Ah, xinetd is a modularized replacement for inetd.
>> Given a choice
>> between running xinetd and inetd, I'd take xinetd
>> anyday.
>>
>> So, you need to modify the /etc/xinet.d/telnet file
>> to be appropriate
>> for the heimdal telnetd.
>>
>> Frank
>>
>> On 6/30/08 10:32 AM, $)AMu wrote:
>>> Thank you for your answers.
>>> I have xintd instead of intd in FC8.And I found a
>>> document said that I need intd to run telnetd(or
>> ftpd
>>> and so on).
>>> Since the heimdal manual said that the service
>> program
>>> should be kerberosized(because the service program
>>> must call the heimdal or MIT's API??), so i don't
>> know
>>> the telnetd in the /libexec/ of heimdal need inted
>> or
>>> xinted in FC8? Or both of intd and xintd will be
>> OK?
>>>
>>> Thanks:)
>>>
>>> --- "Brandon S. Allbery KF8NH"
>> <allbery@ece.cmu.edu>
>>>
>>>> On 2008 Jun 30, at 4:12,
>> <wangyue0921@yahoo.com.cn>
>>>> wrote:
>>>>
>>>>> When I try to run telnetd ,it tell me
>>>> "getpeername: Socket operation
>>>>> on
>>>>> non-socket" and exited.
>>>>> Does that mean I need inetd to run telnetd? Or
>> can
>>>> I run telnetd
>>>>> alone and how
>>>>> to do it.
>>>>>
>>>>> Maybe a silly question, but I didn't find any
>>>> useful imformation for
>>>>> how to run
>>>>> a kerberosized server program.
>>>>>
>>>>> Thank you very much!
>>>>>
>>>>> PS:1,My OS now didn't have inetd yet.
>>>>>     2,when I run rshd or ftpd, it quit and the
>>>> "-d" parameter
>>>>> doesn't tell me
>>>>> anything. Does rshd and ftpd also need inetd?
>>>>
>>>> Most Unix services, including telnetd, ftpd,
>> rshd,
>>>> run under inetd (or
>>>> alternative:  xinetd, launchd, upstart).  Your
>>>> distribution may not
>>>> load an inetd by default, but it will have a
>> package
>>>> for one in the
>>>> installation medium (probably xinetd for Fedora).
>>>>
>>>> -- 
>>>> brandon s. allbery
>>>> [solaris,freebsd,perl,pugs,haskell]
>>>> allbery@kf8nh.com
>>>> system administrator [openafs,heimdal,too many
>> hats]
>>>> allbery@ece.cmu.edu
>>>> electrical and computer engineering, carnegie
>> mellon
>>>> university    KF8NH
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>
>>
> ___________________________________________________________
>>
>>> $)A(2(2
>>> http://cn.mail.yahoo.com/
>>
>> -- 
>> Frank Swasey                    |
>> http://www.uvm.edu/~fcs
>> Sr Systems Administrator        | Always remember:
>> You are UNIQUE,
>> University of Vermont           |    just like
>> everyone else.
>>   "I am not young enough to know everything." -
>> Oscar Wilde (1854-1900)
>>
>>
>
>
>
>      ___________________________________________________________
> $)AQE;"SJOd#,Dz5DVUIzSJOd#!
> http://cn.mail.yahoo.com/