[31944] in Kerberos
Re: Cannot run rlogind, telnetd
daemon@ATHENA.MIT.EDU (Russ Allbery)
Tue Jan 19 14:56:36 2010
From: Russ Allbery <rra@stanford.edu>
To: kerberos@mit.edu
In-Reply-To: <1263930557.14792.1.camel@entropy> (Edward Murrell's message of
"Wed, 20 Jan 2010 08:49:17 +1300")
Date: Tue, 19 Jan 2010 11:56:29 -0800
Message-ID: <87k4vdzx5e.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Edward Murrell <edward@murrell.co.nz> writes:
> You probably do not have reverse DNS set up properly, or the reverse DNS
> name does not match the keytab installed on the application server.
Also, you can't just run rlogind from the command line. It's a network
server that expects to be run out of inetd with a network socket on
standard input.
> In any case, you should ditch telnet and rlogin in favour of SSH.
Definitely true for telnet. Kerberos rlogin still has some nice
advantages over ssh for simplicity and limitation of scope if you only
want to accept Kerberos authentication.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
