| Title: | SEAL |
| Moderator: | GALVIA::SMITH |
| Created: | Mon Mar 21 1994 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 1989 |
| Total number of notes: | 8209 |

Hi,
I have installed avfw 2.1 for unix. Now, the customer
wants to have remote management (with all the implications,
e.g. security hole). 
My problem: I have done everything like in Application Note 13,
but it doesn't seem to work. 
1. I have entered a new user for login (with XSysAdmin)
2. I have modified the services and inetd files as specified
3. I modified the auth-usermap file
4. I have entered a new user for authentication via the gui 
   (and via configuration files). I have given this user
   a one-time password for incoming via the external interface
   and a reusable password for coming via the internal interface.
5. I have modified the onpw-servfile / pw-servfile 
   (is this really necessary? By default, the files
   contain wildcards, so every user should use every service)
6. I have rebooted (!)
What happened?
When I tried to telnet to the firewall (external side) to
port 8023 (like in App.Note 13), I have to login as
usual. I have entered the username and the appropriate password.
Then, the authlogin came up and asked me for a username
and afterwards for the appropriate one-time password. That
worked fine. Finally, the firewall asked for the service
[telnet] or [telnet,shell] depending on the contents
of the auth-usermap file. When I entered "telnet" I
was asked for a hostname... ? What hostname do I have
to enter ??? When I enter the name of the firewall,
I got connected to the telnet-relay (when activated).
That's correct, but that's not what I expected...
When I entered "shell", the firewall asked me again 
to enter my username and one-time password (I generated 
a new password meanwhile). So, I got over this step, but
it was a loop... Nothing more.. What's going wrong ??
2.
When I came in from the internal interface, I expected
to be asked for my reusable password ! BUT, I was always
asked for my one-time-password of the external interface.
Mmmhhh... is this a bug ??? If I use the telnetxd for
authentication over the firewall, everything works fine,
so it might be a problem with authlogin ???
Any help appreciated.
Thanks
torsten
[Posted by WWW Notes gateway]
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 1939.1 | problem fixed | NNTPD::"[email protected]" | torsten kerschat | Tue Apr 29 1997 09:29 | 7 | 
|  | OK. I have the following mistake: I have taken only one
user and not two ! The first to log on and get authlogin
and the second to login with a shell... shiii...
But the last problem with the reusable password still
remains.. :-(
Torsten
[Posted by WWW Notes gateway]
 |