Inger, Slav (.) wrote: > Hello, > > Having an issue getting telnetd and telnet to work together to enable > single sign-on. Have the latest MIT Kerberos distribution, compiled and > running on Debian Linux. Can get TGTs, gss-client/gss-server are > working fine, and I can get single sign-on with rlogin/klogind. But not > with telnet. inetd is invoking telnetd with '-a valid' flag, but it's > always prompting me for a password with the TGT already present. When I > run 'klist' afterwards, no TGS was obtained. And if I request an > ecrypted telnet session, telnetd comes back with "authorization failed". > Auth is taking place within a single realm. > > Any ideas? TIA!
Your service principals do not have single DES enctypes. The MIT Telnet only supports single DES. The Telnet distribution from http://srp.stanford.edu contains support for the triple DES extensions. Jeffrey Altman ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
