How to get rid of Kerberos telnetd on Fedora 3 - Kerberos
-
How to get rid of Kerberos telnetd on Fedora 3
Help. I want to telnet to a laptop that has Fedora 3 installed. This is on
a private net so I do not want any type of forced security. I just want to
telnet to the laptop from different Linux PCs. Unfortunately, when I do
telnet to the laptop I get an error message.
This is the error message I receive after entering the password:
Cannot resolve network address for KDC in requested realm while getting
initial credentials
I edited the file krb5-telnet in the /etc/xinet.d directory from disable=yes
to disable=no. Before I did that it would not even accept a telnet
connection. At least now it accepts connections. FTP is fine.
krb5-telnet in /etc/xinet.d dir
# default: off
# description: The kerberized telnet server accepts normal
#              telnet sessions, but can also use Kerberos 5 authentication.
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/kerberos/sbin/telnetd
        log_on_failure  += USERID
        disable         = no
}
The comment in the krb5-telnet file states that "The kerberized telnet
server accepts normal sessions", but that appears false.
There is no other telnetd package installed.
How do I either:
1. Disable kerberos so that it accepts connections
2. Remove the kerberos telnet package (rpm -qa does not show any kerberos
telnet package)
Thanks.
-
Re: How to get rid of Kerberos telnetd on Fedora 3
>>>>> "EG" == Earl Greida writes:
EG> Help. I want to telnet to a laptop that has Fedora 3 installed.
EG> This is on a private net so I do not want any type of forced
EG> security. I just want to telnet to the laptop from different
EG> Linux PCs. Unfortunately, when I do telnet to the laptop I get an
EG> error message.
EG> This is the error message I receive after entering the password:
EG> Cannot resolve network address for KDC in requested realm while
EG> getting initial credentials
EG> I edited the file krb5-telnet in the /etc/xinet.d directory from
EG> disable=yes to disable=no. Before I did that it would not even
EG> accept a telnet connection. At least now it accepts connections.
There's no "at least;" you had telnet turned off. You turned it on, now
it accepts connections. That's how xinetd works.
EG> FTP is fine.
EG> The comment in the krb5-telnet file states that "The kerberized
EG> telnet server accepts normal sessions", but that appears false.
No, it is true. In prompting for a password, it is doing a "normal
session," as opposed to requiring authentication via Kerberos ticket. The
problem is that telnetd is further configured to verify the password using
Kerberos. That is probably via PAM; look at /etc/pam.conf or in
/etc/pam.d/.
--
Richard Silverman
res@qoxp.net
-
Re: How to get rid of Kerberos telnetd on Fedora 3
"Richard E. Silverman" wrote in message
news:m2mzejsia5.fsf@darwin.oankali.net...
> >>>>> "EG" == Earl Greida writes:
>
> EG> FTP is fine.
>
> EG> The comment in the krb5-telnet file states that "The kerberized
> EG> telnet server accepts normal sessions", but that appears false.
>
> No, it is true. In prompting for a password, it is doing a "normal
> session," as opposed to requiring authentication via Kerberos ticket. The
> problem is that telnetd is further configured to verify the password using
> Kerberos. That is probably via PAM; look at /etc/pam.conf or in
> /etc/pam.d/.
Thanks for the help. There is no /etc/pam.conf file. There are a ton of
files in pam.d, but none contain telnet. Any suggestions? I am a bit
hesitant to just go into these files and comment out lines.
/etc/pam.d/
atd
authconfig
authconfig-gtk
chfn
chsh
crond
cups
dateconfig
ethereal
gdm
gdm-autologin
gdmsetup
halt
hwbrowser
internet-druid
kbdrate
kde
kde-np
kppp
login
neat
newrole
other
pamdir
passwd
poweroff
ppp
printconf
printconf-gui
printconf-tui
printtool
reboot
remote
rhn_register
run_init
samba
screen
serviceconf -> system-config-services
setup
smtp -> /etc/alternatives/mta-pam
smtp.sendmail
squid
sshd
-
Re: How to get rid of Kerberos telnetd on Fedora 3
>>>>> "EG" == Earl Greida writes:
EG> "Richard E. Silverman" wrote in message
EG> news:m2mzejsia5.fsf@darwin.oankali.net...
>> >>>>> "EG" == Earl Greida writes:
>>
EG> FTP is fine.
>>
EG> The comment in the krb5-telnet file states that "The kerberized
EG> telnet server accepts normal sessions", but that appears false.
>> No, it is true. In prompting for a password, it is doing a
>> "normal session," as opposed to requiring authentication via
>> Kerberos ticket. The problem is that telnetd is further configured
>> to verify the password using Kerberos. That is probably via PAM;
>> look at /etc/pam.conf or in /etc/pam.d/.
EG> Thanks for the help. There is no /etc/pam.conf file. There are a
EG> ton of files in pam.d, but none contain telnet. Any suggestions?
EG> I am a bit hesitant to just go into these files and comment
EG> out lines.
Although the names often match up, they don't have to. In this case,
telnetd is probably using the "login" PAM service.
--
Richard Silverman
res@qoxp.net
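
The point in the reply above, that a PAM service file need not carry the daemon's name and that telnetd probably authenticates through "login", can be checked by tracing which files a service pulls in and whether any of them names pam_krb5. This is an added example, not code from the thread; the sample files are constructed, and the `pam_stack.so service=NAME` and `include`/`substack` stacking conventions it follows are assumptions about how the host's PAM files are laid out.

```python
import re
import tempfile
from pathlib import Path

RULE = re.compile(r"-?(\S+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)")  # type control module args

def rules(pam_dir, service):
    """Return (type, control, module, args) for each rule in one service file."""
    path = Path(pam_dir, service)
    if not path.is_file():
        return []
    lines = (raw.split("#", 1)[0].strip() for raw in path.read_text().splitlines())
    return [(m[1], m[2], m[3], m[4].split()) for m in map(RULE.match, lines) if m]

def krb5_paths(pam_dir, service, seen=frozenset()):
    """Return [(type, [service, ..., file that names pam_krb5])] for a service."""
    if service in seen:  # guard against include loops
        return []
    hits = []
    for typ, control, module, args in rules(pam_dir, service):
        name, target = Path(module).name, None
        if name.startswith("pam_krb5"):
            hits.append((typ, [service]))
        elif control in ("include", "substack"):
            target = module
        elif name.startswith("pam_stack"):  # pam_stack.so service=NAME
            target = next((a[8:] for a in args if a.startswith("service=")), None)
        for t, chain in (krb5_paths(pam_dir, target, seen | {service}) if target else []):
            if t == typ:  # a stacked file contributes only rules of the same type
                hits.append((t, [service] + chain))
    return hits

# Constructed sample files (hypothetical contents, not taken from the thread).
SAMPLE = {
    "login": "#%PAM-1.0\n"
             "auth required pam_securetty.so\n"
             "auth required pam_stack.so service=system-auth\n"
             "account required pam_stack.so service=system-auth\n",
    "system-auth": "auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok\n"
                   "auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass\n"
                   "account required /lib/security/$ISA/pam_unix.so\n",
    "other": "auth required pam_deny.so\n",
}

def demo():  # write SAMPLE to a temporary directory and trace every service in it
    with tempfile.TemporaryDirectory() as d:
        for name, text in SAMPLE.items():
            Path(d, name).write_text(text)
        return {s: krb5_paths(d, s) for s in SAMPLE}
```

On a real host, `krb5_paths("/etc/pam.d", "login")` returns the chain of files to read before editing anything.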
-
Re: How to get rid of Kerberos telnetd on Fedora 3
"Earl Greida" wrote in message
news:5nV0g.3159$An2.528@newsread2.news.pas.earthlink.net...
> Help. I want to telnet to a laptop that has Fedora 3 installed. This is on
> a private net so I do not want any type of forced security. I just want to
> telnet to the laptop from different Linux PCs. Unfortunately, when I do
> telnet to the laptop I get an error message.
>
> This is the error message I receive after entering the password:
>
> Cannot resolve network address for KDC in requested realm while getting
> initial credentials
>
> I edited the file krb5-telnet in the /etc/xinet.d directory from disable=yes
> to disable=no. Before I did that it would not even accept a telnet
> connection. At least now it accepts connections. FTP is fine.
>
> krb5-telnet in /etc/xinet.d dir
> # default: off
> # description: The kerberized telnet server accepts normal
> # telnet sessions, but can also use Kerberos 5 authentication.
> service telnet
> {
> flags = REUSE
> socket_type = stream
> wait = no
> user = root
> server = /usr/kerberos/sbin/telnetd
> log_on_failure += USERID
> disable = no
> }
>
> The comment in the krb5-telnet file states that "The kerberized telnet
> server accepts normal sessions", but that appears false.
>
> There is no other telnetd package installed.
>
> How do I either:
>
> 1. Disable kerberos so that it accepts connections
> 2. Remove the kerberos telnet package (rpm -qa does not show any kerberos
> telnet package)
>
> Thanks.
>
>
I fixed this by downloading and installing a "normal" telnet package, along
with a "normal" rsh (rlogin) package. They work fine.
-
Re: How to get rid of Kerberos telnetd on Fedora 3
"Richard E. Silverman" wrote in message
news:m2ejzuqo4b.fsf@darwin.oankali.net...
> >>>>> "EG" == Earl Greida writes:
>
> EG> I fixed this by downloading and installing a "normal" telnet
> EG> package, along with a "normal" rsh (rlogin) package. They work
> EG> fine.
>
> While I'm glad you fixed your problem, be aware that the other packages
> work just fine as well. You simply misunderstood and misconfigured them.
Maybe, but I didn't configure anything. That's the way they were installed
by the vendor, or configured by Redhat. Thanks for your help, though.