Hi, I'm trying to configure a kerberos realm, and I have already installed heimdal on one FreeBSD5.4 machine and was able to run KDC daemon. I can already acquire a TGT and was about to test it using telnet.
First, after acquiring a ticket granting ticket, I launched telnet on another machine with inetd running and telnetd enabled already in its inetd.conf.. However, my telnet client said the following: Trying KERBEROS5 (host/[EMAIL PROTECTED])... ] [ Kerberos V5 refuses authentication because krb5_sock_to_principal failed ].. Some of kerberos clients are already installed by default right? Ex., even without installing heimdal, I can still run kinit. How about those server daemons like telnetd?? Are they already built to accept a kerberos authentication? Why am I getting the above messages even if I use the telnet client inside "/usr/local/heimdal/bin" against the telnetd found inside "/usr/local/heimdal/libexec -a user" of the remote machine I am connecting to. And even if I use the default /usr/bin/telnet against /usr/libexec/telnetd -a user of the remote machine, I still get the same error above. Now if I pair a /usr/bin/telnet against the "/usr/local/heimdal/libexec/telnetd -a debug"on the remote computer, I still get the same error above but now with a warning: *** Connection not encrypted! Communication may be eavesdropped. *** and also the login prompt.. this time it is allowing me to login, only not encrypted, unlike when I use those pairings above which automatically exits upon failed authentication. Do you have any idea what's happening here? Thank you very much. -jay __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"