Re: crypto-us and crypto-intl status

To: John Darrow <John.P.Darrow%wheaton.edu@localhost>
Subject: Re: crypto-us and crypto-intl status
From: "Tracy J. Di Marco White" <gendalia%iastate.edu@localhost>
Date: Tue, 07 Dec 1999 18:41:06 CST

}>}> 1. do both trees compile?

}>}I can't speak for -us, but -intl definitely compiles, at least on i386 and 
}>}alpha -current.  Atary should finish in about 3 days or so...

}>I have one system that's current as of today, and -us does not compile,

}It builds fine for me, using sup from sup.netbsd.org (thus -us version) with:
}CRYPTOBASE=domestic
}and either
}KERBEROS=4
}or
}KERBEROS=5
}KERBEROS5=yes

}Either setup builds cleanly, requiring no local patches, and has done so
}for at least a couple months.  Recheck your source tree...

That was my plan for today, I just hadn't gotten a chance.  I've gotten
rid of my source tree, and regrabbed it, and it's much better now.

}BTW, I have not yet checked that any of the kerberos stuff actually _works_,
}just that it compiles...

It is working for me, kerberos login, telnet, and telnetd are the bits I
use.  'telnet -ax somehost' doesn't work the same as it did before crypto
was split into -intl and -us, and I think it should.  It used to expand to
& use the FQDN.

This is what I currently see:
~% telnet -ax 0
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
[ Trying KERBEROS4 ... ]
mk_req failed: Principal unknown (kerberos)
[ Trying KERBEROS4 ... ]
mk_req failed: Principal unknown (kerberos)
Password:
Login incorrect
login: Connection closed by foreign host.
~% telnet -ax zathras.cc
Trying 129.186.140.8...
Connected to zathras.cc.
Escape character is '^]'.
[ Trying KERBEROS4 ... ]
mk_req failed: Principal unknown (kerberos)
[ Trying KERBEROS4 ... ]
mk_req failed: Principal unknown (kerberos)
login: gendalia
password: 
Password incorrect
login: cConnection closed by foreign host.
~% 
~% telnet -ax zathras.cc.iastate.edu
Trying 129.186.140.8...
Connected to zathras.cc.iastate.edu.
Escape character is '^]'.
[ Trying KERBEROS4 ... ]
[ Kerberos V4 accepts you ]
[ Kerberos V4 challenge successful ]

Using encryption for Input and Output
login: gendalia
password: 
Password incorrect
login: cConnection closed by foreign host.

Our local version of telnet doesn't attempt encryption on 'telnet 0',
and expands to the FQDN on all others, and (important when the machine
telnet'ed to is part of a pool ('telnet isua.iastate.edu')) it will do a
reverse lookup to find the real name and use that if it exists.  It also
defaults to 'telnet -ax', and uses the '-A' option to disable those choices.

I had patches for the old K4 only telnet that did all of that, haven't
gotten a chance to look at the new version.  I don't know how useful
some of those choices would be for general use, but they're how things
work locally.

Tracy J. Di Marco White
Project Vincent Systems Manager
gendalia%iastate.edu@localhost

References:
- Re: crypto-us and crypto-intl status
  - From: John Darrow

Prev by Date: Re: crypto-us and crypto-intl status
Next by Date: Re: crypto-us and crypto-intl status
Previous by Thread: Re: crypto-us and crypto-intl status
Next by Thread: Re: crypto-us and crypto-intl status
Indexes:

Home | Main Index | Thread Index | Old Index