Date: Wed, 13 Aug 2003 17:03:02 -0600 From: Tillman <tillman@seekingfire.com> To: questions@freebsd.org Subject: Re: troubles telnet-ing with Kerberos Message-ID: <20030813170302.B22214@seekingfire.com> In-Reply-To: <200308131804.02367@misha-mx.virtual-estates.net>; from mi%2Bmx@aldan.algebra.com on Wed, Aug 13, 2003 at 06:04:02PM -0400 References: <200308131804.02367@misha-mx.virtual-estates.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Aug 13, 2003 at 06:04:02PM -0400, Mikhail Teterin wrote: > Hello! > > I'm trying to make the FreeBSD 5.x machine accept users based on > Kerberos' tickets. Ok ... > The telnet and telnetd seem like the most functional pair for this > excercise. (rlogin's man page documents Kerberos options, but they > are not implemented, it seems). True, in the base install. If you use the Heimdal or MIT port you'll get the fully implemented daemons. > The KDC is a Win2K server (with Active Directory), but, according > to tcpdump, nothing talks to it during the (failing) authentication > attempt. After adding ``-a debug -edebug -D report'' to telnetd, > I get the following, when trying to telnet to the host: <snip> I've never worked directly with an AD server acting as the KDC (I tend to use a cross-realm trust with a Unix KDC), so I can't help you there. But the new Kerberos book published by O'Reilly has a troubleshooting chapter available as a PDF which you might find helpful: http://www.oreilly.com/catalog/kerberos/chapter/ch05.pdf -T
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030813170302.B22214>