Disable krb5 telnetd authentication
J. K. Cliburn
jcliburn at gmail.com
Sun Feb 5 13:45:49 UTC 2006
Stuart Sears wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> J. K. Cliburn wrote:
>
>>Can someone please tell me how to configure /usr/kerberos/bin/telnetd to
>>turn off kerberos authentication? I'm starting telnetd within xinetd
>>with the following /etc/xinetd.d/krb5.telnet file:
>
>
> sure. Well almost.
> you'll need to use the non-krb5 telnet server for this.
> (Assuming you have no need for kerberos)
>
> #Install the telnet-server package
> yum install telnet -server
>
> #turn off the kerberised version
> chkconfig krb5-telnet off
>
> # turn on the non-kerberised server:
> chkconfig telnet on
>
> it is vital that you turn off the krb5-telnet service here as it will be
> used for preference if you do not, even if the 'normal' telnet service
> is on.
Thanks Stuart, but I'm familiar with how to configure an unkerberized
telnet server. I ran across this kerberized telnetd issue while helping
someone else get telnet service running. My recommendation to him was
the same as yours is to me: run an unkerberized telnet server. However,
I got curious and started reading and discovered that the kerberized
telnetd that ships with FC4 appears to support unkerberized connections
if properly configured, but only if it was compiled to support it.
After having that telnetd spurn all my attempts to configure it to allow
non-authenticated connections, I can only surmise that it wasn't
compiled to support the AUTHENTICATION option.
Jay
More information about the fedora-list
mailing list