[4224] in Kerberos
krb5-b4p3 telnetd and r4 telnet clients?
daemon@ATHENA.MIT.EDU (Jonathan Stone)
Sat Nov 19 20:25:58 1994
To: kerberos@MIT.EDU
Date: 20 Nov 1994 01:01:19 GMT
From: jonathan@DSG.Stanford.EDU (Jonathan Stone)
Reply-To: jonathan@DSG.Stanford.EDU
Does anyone know how to get a single telnetd that allows
authenticated connections from both V4 and V5 client?
I've got KRB5 beta4 patchlevel 3 compiled and installed, with
KRB5_KRB4_COMPAT manually defined when libkr5.a was compiled.
If I construct a v4 srvtab, KerberosIVrlogin clients
can get a Kerberos-authenticated krlogin session. (The
srvtab constructed by krb5_edit's xst4 doesn't work for me;
I had to use the v4 command set running against the v5 kdc.)
When I try the same thing with telnet, the v5 telnet server
doesn't list kerberos_v4 in the IAC SB AUTHENTICATION message.
I've compiled appl/telnet with -DKRB4 -DKRB5. Thats' sufficient
for the telnet client to be able to talk to either krb4 or
krb5 clients, and ``do the right thing'' if one already has
both KerberosIV and KRB5 tickets. I'd hoped that would be enough
to get the telnet server to advertise both KRB5 and KRB4 in its
IAC SB AUTHENTICATION, but apparently it isn't.
I know I can figure this out on my own, but it seems like something
that must've been solved already. Unless the Telnet Authentication
option is defined such that this is illegal or would always
converge on KRB4...
--Jonathan Stone
Stanford Distributed Systems Group
