Re: Kerberos V5 Authentication for a Telnet Session

Neither Microsoft's Telnet Server nor their Telnet client support
Kerberos authentication. In order to use Kerberos 5 authentication
on Windows you will need to find third party products that provide
this functionality.

Jeffrey Altman


sarshah20@xxxxxxxxx wrote:
> Here is what i want to do. I want to establish a telnet connection from
> a client to a server. The authentication mechanism that i want to use
> for telnet connection is kerberos v5.
>
> What I Have Done So Far:
> I have setup two virtual machines (both windows 2003 server enterprise
> edition) on VMWare. I have made one of them a server (a domain
> controller) and other a client. On the server, i
> have installed Active Directory. On the server i registered a new user
> in active directory. Using this user i can log in to the domain from
> clients machine. Now, from the clients machine, when i try to connect
> to the server using the windows builtin telnet client, the login
> attempt fails. The message that is displayed on the console is "Failure
> in initializing the telnet session. Shell process may not have been
> launched.". In the server event viewer, there is an error saying "Error
> in creating CMD proces. System Error: Access is denied.". After
> searching the internet, i found out a couple of proposed solutions for
> the first error. One of them was for win xp 64 bit edition. Tried it
> but no avail. The 2nd
> one said to make sure that Secondary Logon service is running. Tried
> that too but no affect at all. If i unset NTLM auth from the client
> side then it simply asks me to enter user name and password. Obviously
> this is not what i want. I want the user to be authenticated by means
> of kerberos v5 protocol. So now i am wondering how can i make kerberos
> v5 authentication to work with telnet. Any help would be highly
> appreciated.
>
>
> Thanks,
>
> sarshah
>

--
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu
.

Relevant Pages

  • Re: WCF security advice (and clarification) needed
    ... You, the client, resolve the foo.mycompany.com hostname within your ... TCP/IP) with that ticket as the security token. ... There are two parties participating in a security scenario, the server ... HTTP supports other authentication ...
    (microsoft.public.dotnet.framework.webservices)
  • Re: SSPI Kerberos for delegation
    ... We want the authentication to happen without providing credentials ... But SSPI while authenticating from the client to the server can do mutual ...
    (comp.protocols.kerberos)
  • Re: Aironet 1200/Radius Help Needed
    ... I just fired up a W2003 Advanced Server so that I can take ... >> IAS servers (do I need a separate certificate for the secondary IAS ... >> of authentication since it involves just installing the certificate on ... >between the AP and the client. ...
    (microsoft.public.internet.radius)
  • Re: SBS 2003 SP 1 on MSDN disks
    ... the PPPoE client, which I believe it operate as, even if Earthlink does not know it, and stop using the Windows Server 2003 PPPoE client to connect. ... I have started the Telnet service on my client computer ... I have started the Telnet service on the SBS2003 server. ...
    (microsoft.public.windows.server.sbs)
  • Re: Windows Authentication, Single sign on and Active Directory
    ... service proxy client fails to connect due to authentication failure and then ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... The server is always in the domain. ...
    (microsoft.public.dotnet.framework.aspnet.security)