troubles telnet-ing with Kerberos
Tillman
tillman at seekingfire.com
Wed Aug 13 16:03:04 PDT 2003
On Wed, Aug 13, 2003 at 06:04:02PM -0400, Mikhail Teterin wrote:
> Hello!
>
> I'm trying to make the FreeBSD 5.x machine accept users based on
> Kerberos' tickets.
Ok ...
> The telnet and telnetd seem like the most functional pair for this
> excercise. (rlogin's man page documents Kerberos options, but they
> are not implemented, it seems).
True, in the base install. If you use the Heimdal or MIT port you'll get
the fully implemented daemons.
> The KDC is a Win2K server (with Active Directory), but, according
> to tcpdump, nothing talks to it during the (failing) authentication
> attempt. After adding ``-a debug -edebug -D report'' to telnetd,
> I get the following, when trying to telnet to the host:
<snip>
I've never worked directly with an AD server acting as the KDC (I tend
to use a cross-realm trust with a Unix KDC), so I can't help you there.
But the new Kerberos book published by O'Reilly has a troubleshooting
chapter available as a PDF which you might find helpful:
http://www.oreilly.com/catalog/kerberos/chapter/ch05.pdf
-T
More information about the freebsd-questions
mailing list