On Tue, 9 Sep 2003 16:53, Marc Singer wrote: > Tar said, I am not sure that what you want to do is possible with > Telnet as the telnet protocol is content-free. That is to say that it > has no knowledge of when the user is sending a password and when the > user is sending some other type of data. As far as Telnet is > concerned, the connection between the client and server is a simple > bi-directional stream. (I know this isn't entirely true, but close > enough in this case.) You probably need to write a new daemon to go > with your client.
TELNET is an extensible protocol that allows many different options to be negotiated and transferred. Passwords are one option and RFC2944 is quite clear about how it works. Getting a telnet client and server to do this shouldn't be too difficult, although it may require combining the functionality of telnetd and /bin/login which will require some minor changes to the way things work. But that's not insurmountable. I suggest that the first thing to do is to modify the telnetd to have a dummy login. EG have a fixed user-name/password before it does the usual telnetd thing, and run it with the option "-L /bin/bash". That will provide a good test bed for the modified telnet client. Once the client is tested and has been shown to work correctly then you can do the hard work (modifying telnetd and maybe merging /bin/login code) with a good test program. Also I suggest submitting the changes for the telnet client to Debian before writing the telnetd code. A telnet client with this functionality will be useful even if Debian contains no server code for RFC2944, I'm sure that other systems include server code and making Debian systems run as a client will be a useful addition. > On Mon, Sep 08, 2003 at 08:51:51PM -0700, polavarapu deepti wrote: > > I have been going through RFC2944 for telenet > > authentication:srp. I have already written code -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page