[515] in Release_7.7_team
re: strongly desired change for 8.0
daemon@ATHENA.MIT.EDU (Mike Barker)
Mon Apr 29 15:19:01 1996
To: release-team@MIT.EDU
Cc: miki@MIT.EDU
Date: Mon, 29 Apr 1996 15:18:33 EDT
From: Mike Barker <mbarker@MIT.EDU>
We need to make these changes. According to the record in release-77,
we had wide-spread agreement to the "-a off" change (see 269, 270,
272, 273, 276).
Somehow they seem to have disappeared from the 8.0 packs.
This means changing /etc/athena/inetd.conf to something like:
ftp stream tcp nowait unswitched root /etc/athena/ftpd ftpd -a
telnet stream tcp nowait unswitched root /etc/athena/telnetd telnetd -a off
The addition of "-a off" in the telnetd configuration will make it ask
for password in addition to Kerberos authentication. This is the same
kind of behavior now seen on the dialups.
The use of an athenized ftpd provides improved security.
Greg, Craig, Miki--let me know if there is any problem with making
these changes, okay?
Kevin--we should add this to the list of user-visible changes.
Telnetting in will act differently.
For information:
(with -a off)
-athena% telnet piano
-...including Athena's default telnet options: "-ax"
-Trying 18.177.1.37...
-Connected to PIANOFORTE.MIT.EDU.
-Escape character is '^]'.
-[ Trying KERBEROS4 ... ]
-[ Kerberos V4 accepts you ]
-[ Kerberos V4 challenge successful ]
-What you type is protected by encryption.
!-login: mbarker
!-Password:
-Last login:
(without -a off)
-athena% telnet thankyou
-...including Athena's default telnet options: "-ax"
-Trying 18.177.0.93...
-Connected to thankyou.MIT.EDU.
-Escape character is '^]'.
-[ Trying KERBEROS4 ... ]
-[ Kerberos V4 accepts you ]
-[ Kerberos V4 challenge successful ]
-Last login:
Thanks!
mike
------- Forwarded Message
From: Jonathon Weiss <jweiss@MIT.EDU>
To: release-team@MIT.EDU
Subject: strongly desired change for 8.0
Date: Mon, 22 Apr 1996 20:10:17 EDT
Sender: jweiss@MIT.EDU
I would very much like to see a couple of changes to the athena
inetd.conf for 8.0. I think that the default telnet entry should have
the "-a off" at the end, so that the default behavior is the same as
what people get on the dialups. This would probably require some doc
work. I would like to see the ftp entry be for an athenized ftpd by
default, rather than the default one (/etc/athena/ftpd ... ftpd -a)
Mike, this is what I wanted to talk to you about this afternoon, but
you left...
Jonathon
------- End of Forwarded Message
