LinuxQuestions.org


anthjaz 10-31-2003 04:32 PM

telnet auto-login
 
I am running RH9 with 2 NICs. What I would like to do is use the box as a router between 2 subnets that allows ssh on subnet A but allows a telnet login on subnet B with no login prompt. Essentially an autologin. No username and/or password used on the telnet login. Can this be achieved? How would I go about configuring the auto login part? I know the security risks of telnet, this is going through an encrypted tunnel already. I just need the auto login part working.

Thanks for any help.

ToniT 10-31-2003 05:12 PM

Not exactly answering to your question, but how about doing it with ssh?
Meaning that:
  • on a client:
    Code:

    ssh-keygen -t dsa
    and hitting enter when asked for password.
  • copy ~/.ssh/id_dsa.pub to the server's ~/.ssh/authorized_keys2 file (or append to it if you have more than one key)
  • on client: type "ssh yourservername" and see the magic (no password prompt).

If you want to be able to log in from many computers, either copy the ~/.ssh/id_dsa to other locations as well or make another key for other machines.

anthjaz 10-31-2003 05:21 PM

Unfortunately, I am looking for no user interaction.

ToniT 10-31-2003 06:16 PM

What do you mean by user interaction? You don't need user to input anything after the setup phase. That is, you can have scripts containing commands like
"ssh yourserver ls" or "scp yourserver:foo .".

You might have some other needs that can't be fulfilled with this ssh solution; what might they be?

anthjaz 11-01-2003 12:49 PM

I am not looking for an ssh solution. There will be a small handheld device running a Linux OS but the person using the device has no screen or monitor and cannot enter a username and pass. The device needs to connect to an SMB mount from an NT server running proprietary software. It needs to connect via telnet but would be very beneficial to not have to login. Of course the handheld and software company have a solution but it costs major $ and the handheld runs Windowz CE. I was just trying to give an open source solution. If I can get past this, I think I can do it. I just need to connect via telnet with no login.

ToniT 11-01-2003 08:27 PM

ok, sounds reasonable.

Here is how to do it:
  • Do a wrapper login script, named for example /usr/local/bin/autologin, which has the contents:
    Code:

    #!/bin/sh
    /bin/login -f useraccount

    , where useraccount is the name of the user account you wish to be logged on automatically.
  • Pass your new login-program as a parameter to the telnet daemon. That is, add "-L /usr/local/bin/autologin" as a parameter to the telnetd command. (Most probably found from /etc/inetd.conf.)

Two catches. Remember to restart your inetd and check that telnetd is run as root (the login program will not allow an arbitrary person to login without authentication otherwise).

If you don't like the idea of running telnetd as root, you should recompile your own version of telnetlogin (in the telnetd package) that calls your own autologin instead of traditional login. But first try to get the system working with a telnetd running as root.

ToniT 11-01-2003 08:33 PM

And sorry for skimping the information, just trying to guide people to do things by IMHO the easiest (and safest) way, which in your case was not possible due to the special needs you have. ;)

markraem 11-02-2003 05:36 AM

Did you ever think about netcat ?

Netcat allows you to transfer files, execute commands on remote machines, without logging in and can be run without root privileges.

You say that the remote device runs Linux.

So, it might be possible to install netcat on it.

anthjaz 11-03-2003 11:02 AM

I have no /etc/inetd.conf. I am currently running new install of RH9. I do have an xinetd.conf but nothing referring to telnet in there. There is a xinetd.d directory with a telnet file. When I add "-L /usr/local/bin/autologin" there and restart xinetd I can't login at all. I take the line out and I can login. In the telnet file there is a line that states "/usr/sbin/in.telnetd". I checked in.telnetd and I can't read anything in there.

Also, how do I check if telnetd is run as root? Thanks.

ToniT 11-03-2003 12:49 PM

xinetd is a newer version (or fork) of inetd.

Did you make the autologin script first? What does it mean you can't login at all? Connection refused, permission denied, or what is the problem?

At least in Debian, the telnetd is run as a user named 'telnetd', group 'telnetd'. You should add (or replace old ones) lines "user = root" and "group = root" to the configuration block in the telnet file.

Also the syntax of parameter passing is not the same in xinetd. To give a parameter to a service, you have to put a line "server_args = -L /usr/local/bin/autologin" in the telnet file (and keep the server field containing just "/usr/sbin/in.telnetd").
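
An added example, not part of the posts above: a shell check that reads an xinetd service file and reports when the password-free `-L` login wrapper from this thread is enabled, whether the daemon runs as root, and whether the service is limited by source (`only_from`) and interface (`bind`). The function name `audit_xinetd_telnet`, both sample files and the 192.0.2.x documentation addresses standing in for subnet B are constructed for illustration.

```shell
# Flag an xinetd service entry that swaps in a login wrapper via "-L".
# Prints one finding per line; prints nothing if disabled or no -L is set.
audit_xinetd_telnet() {
    awk '
        /^[ \t]*#/ { next }                      # skip comment lines
        {
            n = index($0, "=")
            if (n == 0) next                     # "service telnet", "{", "}"
            key = substr($0, 1, n - 1); val = substr($0, n + 1)
            gsub(/^[ \t]+|[-+ \t]+$/, "", key)   # also strips the + of "+="
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            attr[key] = val
        }
        END {
            if (attr["disable"] == "yes") exit
            if (attr["server_args"] !~ /(^|[ \t])-L[ \t]/) exit
            print "AUTOLOGIN: login replaced by " attr["server_args"]
            if (attr["user"] == "root") print "ROOT: telnetd runs as root"
            if (!("only_from" in attr)) print "OPEN: no only_from source restriction"
            if (!("bind" in attr) && !("interface" in attr)) print "ALLIF: listens on all interfaces"
        }
    ' "$1"
}

# Constructed sample: the service entry as the thread configures it.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/telnet" <<'EOF'
service telnet
{
    disable     = no
    user        = root
    server      = /usr/sbin/in.telnetd
    server_args = -L /usr/local/bin/autologin
}
EOF
# Constructed sample: same entry pinned to one interface and one source subnet.
cat > "$SAMPLE_DIR/telnet-restricted" <<'EOF'
service telnet
{
    disable     = no
    user        = root
    server      = /usr/sbin/in.telnetd
    server_args = -L /usr/local/bin/autologin
    bind        = 192.0.2.1
    only_from   = 192.0.2.0/24
}
EOF
for f in telnet telnet-restricted; do echo "== $f"; audit_xinetd_telnet "$SAMPLE_DIR/$f"; done
```

The restricted sample still reports AUTOLOGIN and ROOT, since limiting the source and interface narrows who can reach the login but does not add authentication.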

anthjaz 11-03-2003 04:23 PM

What I meant by can't login was connection refused, but that is gone now.

Now, I have entered the "server_args = -L /usr/local/bin/autologin" in the telnet file and I have created the script as well. I get the error "telnetd: /usr/local/bin/autologin: Permission denied" when telnetting from a Win2K with "telnet -l username x.x.x.x". The username I am using has an account on the Linux box. As well, I have also restarted xinetd.

In the telnet file is displayed " user = root". There is no group.

Thanks.

anthjaz 11-03-2003 04:29 PM

Sorry, I meant from WinXP I "telnet -l username x.x.x.x". Maybe that is the problem but I don't have another Linux box to test from right now. When I try to "telnet -l username x.x.x.x" I get the same error.

ToniT 11-03-2003 10:19 PM

This has worked for me (with Debian and inetd). One thing that might be it: have you chmodded /usr/local/bin/autologin to be executable (chmod +x /usr/local/bin/autologin)?

As for the telnet, you should be able to telnet locally. That is, in the linux box you could write "telnet localhost" and get yourself logged on as the autologin user.

One way to test if the problem has something to do with xinetd, is to start the telnetd by hand by running (as root):
Code:

in.telnetd -debug 5544 -L /usr/local/bin/autologin
and trying to telnet to port 5544 ("telnet localhost 5544"). If this works, then there is some problem with the xinetd configuration. If even this doesn't work, there probably is something wrong with the autologin script or the telnet daemon. (It might be that your telnetd or login works differently than in Debian [unlikely, but possible].)

anthjaz 11-04-2003 11:51 AM

I did need to chmod it with "x". Now it autologs in with a blinking cursor like this:
Red Hat Linux release 9 (Shrike)
Kernel 2.4.20-8 on an i686
|

but I can't do anything. I need to access an SMB mount. Once it logs in, there is a database on an NT box that is mounted that these handhelds need to access. Thanks again for the help.

ToniT 11-04-2003 01:20 PM

hmm.. even more reduced test: Run command (as root):
Code:

/usr/local/bin/autologin
Do you get yourself logged in to the system?

If not, there are still some problems with the autologin script. If your script is exactly the same as the one I wrote in the earlier post (with appropriate username of course), then your [Red Hat's] login program sucks. Get a working copy from Debian or try to replace the login part with something like "/bin/su - useraccount" (uglier way to get almost the same thing done).


All times are GMT -5.