Re: telnetd: Authorization failed & Connection closed

[christos%zoulas.com@localhost (Christos Zoulas)]

On Mar 14,  2:27am, hubert%feyrer.de@localhost (Hubert Feyrer) wrote:
-- Subject: Re: telnetd: Authorization failed & Connection closed

| On Sat, 13 Mar 2010, Christos Zoulas wrote:
| >                  valid  Only allow connections when the remote user can pro-
| >                         vide valid authentication information to identify 
the
| >                         remote user.  The login(1) command will provide any
| >                         additional user verification needed if the remote
| >                         user is not allowed automatic access to the 
specified
| >                         account.
| >
| > So vista and juniper don't implement SRA and the connection is not allowed.
| > The default NetBSD telnetd configuration is more secure since passwords are
| > not sent in plaintext over the network. This is why valid is the default.
| > If you want to send your passwords in plaintext, feel free to change it for
| > your system, but I don't think that the change is appropriate for everyone.
| 
| And I can't have a steak because a three-year-old can't chew it?
| Seriously, it sounds pretty broken to rather not have a working telnet 
| than to do just what telnet is intended for.
| 

You have to edit /etc/inetd.conf to enable telnetd; we disable it by default
because it is insecure. We provide an example line for a more secure
configuration if you really want to use it as a hint. You are free to change
it to whatever you like, but the default is a suggestion for a secure
configuration. You should bother the vendors instead to implement SRA.

christos