Re: Need help on enhancing Telnet with srp

To: Marc Singer <elf@buici.com>, polavarapu deepti <polsdeep@yahoo.com>
Cc: debian-devel@lists.debian.org
Subject: Re: Need help on enhancing Telnet with srp
From: Russell Coker <russell@coker.com.au>
Date: Tue, 9 Sep 2003 18:10:12 +1000
Message-id: <[🔎] 200309091810.12741.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <[🔎] 20030909065357.GA17812@buici.com>
References: <[🔎] 20030909035151.18660.qmail@web13505.mail.yahoo.com> <[🔎] 20030909065357.GA17812@buici.com>

On Tue, 9 Sep 2003 16:53, Marc Singer wrote:
> Tar said, I am not sure that what you want to do is possible with
> Telnet as the telnet protocol is content-free.  That is to say that it
> has no knowledge of when the user is sending a password and when the
> user is sending some other type of data.  As far as Telnet is
> concerned, the connection between the client and server is a simple
> bi-directional stream.  (I know this isn't entirely true, but close
> enough in this case.)  You probably need to write a new daemon to go
> with your client.

TELNET is an extensible protocol that allows many different options to be 
negotiated and transferred.  Passwords are one option and RFC2944 is quite 
clear about how it works.

Getting a telnet client and server to do this shouldn't be too difficult, 
although it may require combining the functionality of telnetd and /bin/login 
which will require some minor changes to the way things work.  But that's not 
insurmountable.

I suggest that the first thing to do is to modify the telnetd to have a dummy 
login.  EG have a fixed user-name/password before it does the usual telnetd 
thing, and run it with the option "-L /bin/bash".  That will provide a good 
test bed for the modified telnet client.  Once the client is tested and has 
been shown to work correctly then you can do the hard work (modifying telnetd 
and maybe merging /bin/login code) with a good test program.

Also I suggest submitting the changes for the telnet client to Debian before 
writing the telnetd code.  A telnet client with this functionality will be 
useful even if Debian contains no server code for RFC2944, I'm sure that 
other systems include server code and making Debian systems run as a client 
will be a useful addition.

> On Mon, Sep 08, 2003 at 08:51:51PM -0700, polavarapu deepti wrote:
> >  I have been going through RFC2944 for telenet
> > authentication:srp. I have already written code

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to:

References:
- Need help on enhancing Telnet with srp
  - From: polavarapu deepti <polsdeep@yahoo.com>
- Re: Need help on enhancing Telnet with srp
  - From: Marc Singer <elf@buici.com>

Prev by Date: Re: Bug#208508: bitmap vectorizers
Next by Date: Re: autoconf and setting prefix
Previous by thread: Re: Need help on enhancing Telnet with srp
Next by thread: Re: Need help on enhancing Telnet with srp
Index(es):
- Date
- Thread