From owner-freebsd-questions Mon Jul 22 09:01:23 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA13530 for questions-outgoing; Mon, 22 Jul 1996 09:01:23 -0700 (PDT) Received: from pelican.altadena.net (pelican.dial.interworld.net [206.124.240.237]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id JAA13504; Mon, 22 Jul 1996 09:00:54 -0700 (PDT) Received: by pelican.altadena.net (Smail3.1.29.1 #10) id m0uiNLw-0000RhC; Mon, 22 Jul 96 08:57 PDT Message-Id: Date: Mon, 22 Jul 96 08:57 PDT From: pete@pelican.altadena.net (Pete Carah) To: ghelmer@alpha.dsu.edu Subject: Re: Kerberized/encrypted rlogins - 2.1.5 incompatible with everything else? Newsgroups: freebsd.questions In-Reply-To: Cc: questions@freebsd.org, hackers@freebsd.org Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In article you write: > >I just upgraded two 2.1 machines to 2.1.5 yesterday, and now when I try to >login to them from my FreeBSD 2.1 workstation via kerberos-encrypted >rlogin sessions, I get gibberish! Non-encrypted kerberos rlogin sessions >work fine between 2.1 and 2.1.5 systems, but encrypted sessions, my >prefered method, do not work in either direction between 2.1.5 and >anything other system. ldd of rlogin and rlogind on the 2.1.5 systems >show: >/usr/bin/rlogin: > -lcom_err.2 => /usr/lib/libcom_err.so.2.0 (0x8034000) > -lkrb.2 => /usr/lib/libkrb.so.2.1 (0x801e000) > -ldes.2 => /usr/lib/libdes.so.2.1 (0x8043000) > -lc.2 => /usr/lib/libc.so.2.2 (0x804f000) >/usr/libexec/rlogind: > -lutil.2 => /usr/lib/libutil.so.2.1 (0x801d000) > -lcom_err.2 => /usr/lib/libcom_err.so.2.0 (0x8018000) > -lkrb.2 => /usr/lib/libkrb.so.2.1 (0x802c000) > -ldes.2 => /usr/lib/libdes.so.2.1 (0x8042000) > -lc.2 => /usr/lib/libc.so.2.2 (0x804e000) >Very strange... I see no significant difference in the rlogind code, so I >guess I'll have to dig into libdes :-( Any thoughts? Well, I just rebuilt all of eBones without the rest of secure with no effect (of course the bug could be in the source so that wouldn't matter). Could be a missing/extra 'endian' indication somewhere but somehow I don't think so or the logins shouldn't work either... I sent a note to Jordan the night after the release which he supposedly forwarded to someone but haven't heard anything back. This is a pain since that has never gotten broken before and I use it heavily. At least I've only installed one machine so far. When I get time :-) I'll cdiff the last snap (which worked) from the release sources (at least if I haven't nuked the last snap's source from where it was...). -- Pete