tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: telnetd: Authorization failed & Connection closed



On Sun, 14 Mar 2010, Hubert Feyrer wrote:
valid Only allow connections when the remote user can pro- vide valid authentication information to identify the
                        remote user.  The login(1) command will provide any
                        additional user verification needed if the remote
user is not allowed automatic access to the specified
                        account.

So vista and juniper don't implement SRA and the connection is not allowed.
The default NetBSD telnetd configuration is more secure since passwords are
not sent in plaintext over the network. This is why valid is the default.
If you want to send your passwords in plaintext, feel free to change it for
your system, but I don't think that the change is appropriate for everyone.

And I can't have a steak because a three-year-old can't chew it?
Seriously, it sounds pretty broken to rather not have a working telnet than to do just what telnet is intended for.

Plus: I read the part about login(1) that it should fall back and ask me for my login & password. Apparently it does not - a feature?


 - Hubert


Home | Main Index | Thread Index | Old Index