Hi,I ran into a problem when I use SRP telnetd and telnet: Trying 127.0.0.1... Connected to GATE (127.0.0.1). Escape character is '^]'. [ Negotiating SSL/TLS session ... ] [ Cipher: ADH-AES256-SHA (256 bits) ] [ Attempting to verify TLS session parameters... ] [ Trying SRP ... ] SRP Username (root): root [ SRP refuses authentication for 'root' (Password not set) ] WARNING: unable to verify TLS session parameters. Continue? (Y/N) y telnetd: Authorization failed. Connection closed by foreign host. My configuration: 1. OS centos 4.2 2. installation steps 1) ./configure --prefix=/usr/local/srp
--with-openssl=/root/kernel/openssl-0.9.8a --with-pam 2) make 3) make install 4) cp /usr/local/srp/sbin/eps_chkpwd /sbin/ 5) cp /usr/local/srp/bin/passwd /usr/bin/ 6) cp /usr/local/srp/bin/login /bin/ 7) cp /usr/local/srp/bin/su /bin/ 8) cp base/pam_eps/pam_eps_*.so /lib/security/ 9) added the fllowing two lines to some files in /etc/pam/d: login, su, passwd, telnet(made by myself) and system-auth auth required /lib/security/pam_eps_auth.so passwd required /lib/security/pam_eps_passwd.so /etc/pam.d/telete auth required pam_stack.so service=system-auth auth required /lib/security/pam_eps_auth.so account required pam_stack.so service=system-auth passwd required /lib/security/pam_unix.so nullok use_authtok md5 shadow passwd required /lib/security/pam_eps_passwd.so session required pam_stack.so service=system-auth 10) run the tconf a!
nd
generated the key 11) remade the root password and one other and confirmed that they updated shadow, passwd and tpasswd 12) made a new file --- /etc/xinetd.d/telnet # description: The SRP Telnet server #serves Telnet connections. # It uses SRP for authentication. service telnet { disable = no bind = 127.0.0.1 socket_type = stream wait = no user = root server = /usr/local/srp/sbin/telnetd server_args = -a valid log_on_success += DURATION USERID log_on_failure += USERID nice = 10 } What's wrong is this? All contributions gratefully received. | |
雅虎免费G邮箱-中国第一绝无垃圾邮件骚扰超大邮箱
雅虎助手¨D搜索、杀毒、防骚扰
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
