Date: Wed, 1 Jun 2005 20:45:24 -0700 (PDT) From: Mark Jayson Alvarez <jay2xra@yahoo.com> To: freebsd-questions@freebsd.org Subject: Are those services in inetd.conf(telnetd, ftpd) kerberized already?? Message-ID: <20050602034524.8591.qmail@web51606.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi, I'm trying to configure a kerberos realm, and I have already installed heimdal on one FreeBSD5.4 machine and was able to run KDC daemon. I can already acquire a TGT and was about to test it using telnet. First, after acquiring a ticket granting ticket, I launched telnet on another machine with inetd running and telnetd enabled already in its inetd.conf.. However, my telnet client said the following: Trying KERBEROS5 (host/gwenever.camlann.pregi.net@CAMLANN.PREGI.NET)... ] [ Kerberos V5 refuses authentication because krb5_sock_to_principal failed ].. Some of kerberos clients are already installed by default right? Ex., even without installing heimdal, I can still run kinit. How about those server daemons like telnetd?? Are they already built to accept a kerberos authentication? Why am I getting the above messages even if I use the telnet client inside "/usr/local/heimdal/bin" against the telnetd found inside "/usr/local/heimdal/libexec -a user" of the remote machine I am connecting to. And even if I use the default /usr/bin/telnet against /usr/libexec/telnetd -a user of the remote machine, I still get the same error above. Now if I pair a /usr/bin/telnet against the "/usr/local/heimdal/libexec/telnetd -a debug"on the remote computer, I still get the same error above but now with a warning: *** Connection not encrypted! Communication may be eavesdropped. *** and also the login prompt.. this time it is allowing me to login, only not encrypted, unlike when I use those pairings above which automatically exits upon failed authentication. Do you have any idea what's happening here? Thank you very much. -jay __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050602034524.8591.qmail>