Date: Tue, 10 Oct 2000 13:55:03 +1100 (EST) From: Stanley Hopcroft <Stanley.Hopcroft@IPAustralia.Gov.AU> To: Security@FreeBSD.ORG Cc: Carl Makin <Carl.Makin@IPAustralia.Gov.AU>, shaddon@IPAustralia.Gov.AU Subject: What is this and how do I control it ? Message-ID: <Pine.BSF.4.21.0010101338340.12248-100000@stan.aipo.gov.au>
next in thread | raw e-mail | index | archive | help
Dear Ladies and Gentlemen, I am writing to say that when I telnet to a 4.1-RELEASE machine (with librsaINTL and the base crypto distribution installed) from a similar client I see, Trying 10.0.100.252... Connected to tsitc.aipo.gov.au. Escape character is '^]'. Trying SRA secure login: User (anwsmh): What does this mean and how do I manage it ? This telnet client, ktelnet 0.61 seems to negotiate the telnet authentication and encryption options by itself (!) but the FreeBSD telnet, invoked from an rxvt does not get this distinctive SRA secure login prompt. ( Telnet to the same server from an rxvt on the same client :- > telnet tsitc Trying 10.0.100.252... Connected to tsitc.aipo.gov.au. Escape character is '^]'. FreeBSD/i386 (tsitc.aipo.gov.au) (ttyp5) login: ) A trace shows the client asking for Authentication and Encryption telnet options, the server agreeing, and an exchange of Auth strings. The password is not sent in clear text but the subsequent session data is. What means of authentication do they use ? This is great, but I would like to know what is happening and how to reliably reproduce it eg from rxvts on the same client host, from ktelnet 0.61 on another machine. Thank you. Yours sincerely, S Hopcroft Network Specialist IP Australia +61 2 6283 3189 +61 2 6281 1353 FAX To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0010101338340.12248-100000>