telnetd: Authorization failed & Connection closed

[Hubert Feyrer <hubert%feyrer.de@localhost>]

When trying to telnet[1] to a NetBSD 5.0/i386 machine, I do not always get 
a login prompt. It seems that it depends on the machine/setup that I come 
from if this behaviour is shown or not.

The line in /etc/inetd.conf is:

        telnet          stream  tcp     nowait  root    /usr/libexec/telnetd    
telnetd -a valid


Example logins:

 * From NetBSD 4.0/i386 I get a Login-prompt as expected

        % telnet 192.168.1.3
        Trying 192.168.1.3...
        Connected to 192.168.1.3.
        Escape character is '^]'.
        Trying SRA secure login:
        User (feyrer):

 * From a Windows Vista machine that's part of an AD domain it fails:

        C:\> telnet 192.168.1.3
        <clears screen>
        telnetd: Authorization failed.
        Connection closed by foreign host.
        C:\>

 * From a Juniper SSG5 running ScreenOS 6.2.0r4.0 it fails, too:

        ssg5> telnet 192.168.1.3
        Trying 192.168.1.3...
        Connected to 192.168.1.3.
        Abort the connection with CTRL+D
        telnetd: Authorization failed.

        Connection closed by foreign host.
        ssg5>

It seems the "valid" setting in telnetd does not fall back to login(1) as 
it should, following the documentation.

I've tried running telnetd -s with no change.
For the various values for telnetd -a, it seems that "debug" and "off" 
get things into a working condition.

I wonder if the default should be changed from "valid" to "off",
to make telnet logins work again, at least until someone fixes the "valid" 
behaviour.


 - Hubert


[1] I know it's considered insecure. Let's not go there now.