I am trying to setup a small test environment with Kerberos in our lab
environment.
We have 3 Solaris 8 machines. One is a master KDC, one is a slave, and one
is a client and Kerberos application (telnet) servers.
We are using SEAM 1.0.1 from SUN.
We follow the documentation to setup the 3 machines above and so far it is
looking good.
Our goal is allow user to telnet between these machines without re-enter the
password (Single Sign On).
We login to a KDC and do klist and see that we got a ticket.
>From there we try to telnet to a client and got the following error:
client01{lehong}: /usr/krb5/bin/telnet client01
Trying 144.201.100.22...
Connected to client01.tech.abc.com (144.201.100.22)
Escape character is '^]'.
[Kerberos V5 accepts you as : : [EMAIL PROTECTED]]
[Kerberos V5 accepted forwarded credentials]
Last login: Fri Feb 1 15:44:16 from slave01.tech.
Connection closed by foreign host.
We try to telnet into the client from a slave KDC also but got the same
error.
We try to telnet from master KDC to slave KDC but got the same error.
We have tried the following line in /etc/inetd.conf
telnet stream tcp nowait root /usr/krb5/lib/telnetd telnetd -a valid
or
telnet stream tcp nowait root /usr/krb5/lib/telnetd telnetd -a user
If we just use the regular telnet and default telnet entry for
/etc/inetd.conf then we can login but we have to re-enter the password.
We try to avoid re-enter password.
Anyone have any idea or suggestion? Please help.
