Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
|
10-31-2003, 05:32 PM
|
#1
|
Member
Registered: Sep 2003
Distribution: RH9
Posts: 37
Rep:
|
telnet auto-login
I am running RH9 with 2 nics. What I would like to do is use the box as a router between 2 subnets that allows ssh on subnet A but allows a telnet login on subnet B with no login prompt. Essentially an autologin. No username and/or password used on the telnet login. Can this be achieved? How would I go about configuring the auto login part. I know the security risks of telnet, this is giong through an encrypted tunnel already. I just need the auto login part working.
Thanks for any help.
|
|
|
10-31-2003, 06:12 PM
|
#2
|
Senior Member
Registered: Oct 2003
Location: Zurich, Switzerland
Distribution: Debian/unstable
Posts: 1,357
Rep:
|
Not exactly answering to your question, but how about doing it with ssh?
Meaning that: - on a client:
and hitting enter when asked for password.
- copy ~/.ssh/id_dsa.pub to the server:s ~/.ssh/authorized_keys2 file (or append to it if you have more than one key)
- on client: type "ssh yourservername" and see the magic (no password prompt).
If you want to be able to log in from many computers, either copy the ~/.ssh/id_dsa to other locations as well or make an other key for other machines.
|
|
|
10-31-2003, 06:21 PM
|
#3
|
Member
Registered: Sep 2003
Distribution: RH9
Posts: 37
Original Poster
Rep:
|
Unfortunately, I am looking for no user interaction.
|
|
|
10-31-2003, 07:16 PM
|
#4
|
Senior Member
Registered: Oct 2003
Location: Zurich, Switzerland
Distribution: Debian/unstable
Posts: 1,357
Rep:
|
What do you mean by user interaction? You don't need user to input anything after the setup phase. That is, you can have scripts containing commands like
"ssh yourserver ls" or "scp yourserver:foo .".
You might have some other needs that can't be fullfilled with this ssh solution, what they might be?
|
|
|
11-01-2003, 01:49 PM
|
#5
|
Member
Registered: Sep 2003
Distribution: RH9
Posts: 37
Original Poster
Rep:
|
I am not looking for an ssh solution. There will be a small handheld device running a Linux OS but the person using the device has no screen or monitor and cannot enter a username and pass. The device needs to connect to an SMB mount from an NT server running proprietary software. It needs to connect via telnet but would be very beneficial to not have to login. Of course the handheld and software company have a solution but it costs major $ and the handheld runs Windowz CE. I was just try to give an open source solution. If I can get past this, I think I can do it. I just need to connect via telnet with no login.
|
|
|
11-01-2003, 09:27 PM
|
#6
|
Senior Member
Registered: Oct 2003
Location: Zurich, Switzerland
Distribution: Debian/unstable
Posts: 1,357
Rep:
|
ok, sounds reasonable.
Here is how to do it: - Do a wrapper login script, named for example /usr/local/bin/autologin which have the contents:
Code:
#!/bin/sh
/bin/login -f useraccount
, where useraccount is the name of the useraccount you wish to be logged on automaticly.
- Pass your new login-program as a parameter to the telnet daemon. That is, add "-L /usr/local/bin/autologin" as a parameter to the telnetd command. (Most probably found from /etc/inetd.conf.)
Two catches. Remember to restart your inetd and check that telnetd is run as root (the login program will not allow arbitrary person to login without authentication otherwise).
If you don't like the idea of running telnetd as root, you should recompile your own version of telnetlogin (in the telnetd package) that calls your own autologin instead of traditional login. But first try to get the system working with a telnetd running as root.
|
|
|
11-01-2003, 09:33 PM
|
#7
|
Senior Member
Registered: Oct 2003
Location: Zurich, Switzerland
Distribution: Debian/unstable
Posts: 1,357
Rep:
|
And sorry for skimping the information, just trying to guide people to do things by IMHO the easiest (and safest) way, which in your case was not possible due the special needs you have. 
|
|
|
11-02-2003, 06:36 AM
|
#8
|
Member
Registered: Nov 2003
Posts: 82
Rep:
|
Did you ever think about netcat ?
Netcat allows you to transfer files, execute commands on remote machines, without logging in and can be run without root privileges.
You say that the remote device runs Linux.
So, it might be possible to install netcat on it.
|
|
|
11-03-2003, 12:02 PM
|
#9
|
Member
Registered: Sep 2003
Distribution: RH9
Posts: 37
Original Poster
Rep:
|
I have no /etc/inetd.conf. I am currently running new install of RH9. I do have an xinetd.conf but nothing referring to telnet in there. There is a xinetd.d directory with a telnet file. When I add "-L /usr/local/bin/autologin" there and restart xinetd I can't login at all. I take the line out and I can login. In the telnet file there is a line that states "/usr/sbin/in.telnetd". I checked in.telnetd and I can't read anything in there.
Also, how do I check if telnetd is run as root. Thanks.
|
|
|
11-03-2003, 01:49 PM
|
#10
|
Senior Member
Registered: Oct 2003
Location: Zurich, Switzerland
Distribution: Debian/unstable
Posts: 1,357
Rep:
|
xinetd is newer version (or fork of) the inetd.
Did you made the autologin script first? What does it mean you can't login at all? Connection refused, permission denied, or what is the problem.
At least in debian, the telnetd is run as an user named 'telnetd', group 'telnetd'. You should add (or replace old ones) lines "user = root" and "group = root" to the configuration block in the telnet file.
Also the syntax of parameter passing is not same in xinetd. To give parameter to a service, you have to put a line "server_args = -L /usr/local/bin/autologin" to the telnet file (and keep the server field containing just "/usr/sbin/in.telnetd".
|
|
|
11-03-2003, 05:23 PM
|
#11
|
Member
Registered: Sep 2003
Distribution: RH9
Posts: 37
Original Poster
Rep:
|
What I meant by can't login was connection refused, but that is gone now.
Now, I have entered the "server_args = -L /usr/local/bin/autologin" in the telnet file and I have created the script as well. I get the error "telnetd: /usr/local/bin/autologin: Permission denied" when telnetting from a Win2K with "telnet -l username x.x.x.x". The username I am using has an account on the Linux box. As well, I have also restarted xinetd.
In the telnet file is diplayed " user = root". There is no group.
Thanks.
|
|
|
11-03-2003, 05:29 PM
|
#12
|
Member
Registered: Sep 2003
Distribution: RH9
Posts: 37
Original Poster
Rep:
|
Sorry, I meant from WinXP I "telnet -l username x.x.x.x". Maybe that is the problem but I don't have another Linux box to test from right now. When I try to "telnet -l username x.x.x.x" I get the same error.
|
|
|
11-03-2003, 11:19 PM
|
#13
|
Senior Member
Registered: Oct 2003
Location: Zurich, Switzerland
Distribution: Debian/unstable
Posts: 1,357
Rep:
|
This have worked for me (with debian and inetd). One thing that might be it is that have you chmodded the /usr/local/bin/autologin to an executable (chmod +x /usr/local/bin/autologin)?
As for the telnet, you should be able to telnet locally. That is, in the linux box you could write "telnet localhost" and get yourself logged on as the autologin user.
One way to test if the problem has something to do with xinetd, is to start the telnetd by hand by running (as root):
Code:
in.telnetd -debug 5544 -L /usr/local/bin/autologin
and trying to telnet to port 5544 ("telnet localhost 5544"). If this works, then there is some problem with xinetd configuration. If even this doesn't work, there probably is something wrong with the autologin script or the telnet daemon (It might be that your telnetd or login works differently than in the debian [unlikely, but possible.]) .
|
|
|
11-04-2003, 12:51 PM
|
#14
|
Member
Registered: Sep 2003
Distribution: RH9
Posts: 37
Original Poster
Rep:
|
I did need to chmod it with "x". Now it autologs in with a blinking cursor like this:
Red Hat Linux release 9 (Shrike)
Kernel 2.4.20-8 on an i686
|
but I can't do anything. I need to access an SMB mount. Once it logs in, there is a database on an NT box that is mounted that these handhelds need to access. Thanks again for the help.
|
|
|
11-04-2003, 02:20 PM
|
#15
|
Senior Member
Registered: Oct 2003
Location: Zurich, Switzerland
Distribution: Debian/unstable
Posts: 1,357
Rep:
|
hmm.. even more reduced test: Run command (as root):
Code:
/usr/local/bin/autologin
Do you get yourself logged in to the system?
If not, there is still some problems with the autologin script. If your script is exactly the same as the one i wrote in the earlier post (with appropriate username ofcourse), then your[Redhats] login program sucks. Get a working copy from debian or try to replace the login part with something like "/bin/su - useraccount" (uglier way to get allmost the same thing done).
|
|
|
All times are GMT -5. The time now is 07:52 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|