telnetd vs telnetd -a


 
Thread Tools Search this Thread
Special Forums Cybersecurity telnetd vs telnetd -a
# 1  
Old 07-21-2006
telnetd vs telnetd -a

Hi folks. I have a quick question on using "telnetd" vs. "telnetd -a".

OS: AIX 5.x (5.1 through 5.3 ML3)

Some engineers at work want to stop using "telnetd -a" and use "telnetd".
(and of course, if I could get a cogent answer from them, I wouldn't be posting this question...) Smilie

The man page for telnetd suggests that "telnetd -a" offers improved performance as follows:

-a Causes the PTY and socket to be linked directly in the kernel so that the data handling remains in the kernel to improve the performance.

I don't see a security issue here, so I'm guessing that there might be a memory issue related to this.

Barring a call to IBM (which I'm about to make), does anyone have a quick answer as to why *not* to use -a, or which option is preferred? Smilie

Thanks!

-Dave
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. AIX

telnetd daemon

Hi, When a client connected to AIX server by telnet is killed/crashes, is there a way for telnetd to recognize that and close/kill the application linked/started by that telnet session? We have a situation where clients disconnect because of frequent network outages, this leaves the... (2 Replies)
Discussion started by: mreyaz
2 Replies

2. SCO

Telnetd Port Options

Ok, here i am in 2008 trying to figure out how to edit the port of Telnetd in sco openserver 4.2. I googled my butt off and cant seem to find any info. Does anyone have some specific howto's or good documentation on this? (2 Replies)
Discussion started by: j0ntar
2 Replies

3. Solaris

Can't start telnetd

Hello all, I've got a problem on a V240 running Solaris 9, the telnet daemon won't start. The error message I get is "telnetd: stdin is not a socket file descriptor." I've never seen this message before and I'm not exactly sure what it means. I know generally what stdin, sockets, and file... (4 Replies)
Discussion started by: ONEX
4 Replies

4. Solaris

telnetd bug!

hi mates, a very important info for all solaris admins, there is a bug in telnetd on nearly every solaris version: pressy@mp-wst01 # id uid=100(pressy) gid=1(other) pressy@mp-wst01 # telnet -l "-froot" 192.168.40.1 Trying 192.168.40.1... Connected to 192.168.40.1. Escape character is... (3 Replies)
Discussion started by: pressy
3 Replies

5. UNIX for Dummies Questions & Answers

telnetd: all network ports in use

I hope someone can enlighten me on this. A few weeks ago, the root file system my UnixWare 7.1.1 server became corrupt so I ended up doing a full restore of the OS from tape backup. Since then, after I get about 270 users on the system, the message "telnetd: all network ports in use" is... (1 Reply)
Discussion started by: davekox
1 Replies

6. UNIX for Dummies Questions & Answers

Get telnetd to start a process other than login

I want to be able to get telnetd to start a program of my choice or one that I have written . . . or . . . write a daemon of my own to listen on a port other than 23 and when a connection arrives it should create a controlling tty/pty and then launch my program on the client side of the pty. A... (2 Replies)
Discussion started by: pdenaro
2 Replies

7. IP Networking

in.telnetd[5115] -- compromised?

/* Linux Slackware */ looking in my logs I see tons of entries similar to below. Does anyone know what these mean, and should I be concerned. I looked up a few of the IP's at Arin.net and saw that many of them belong to isp's (not good).. Any information is helpful.. Body of Messages log... (1 Reply)
Discussion started by: LowOrderBit
1 Replies

8. UNIX for Dummies Questions & Answers

Linux and in.telnetd problems

Hi, This is not the usual "unable to telnet to my machine" post. I: * have ensured that in.telnetd is started from inet.conf * that hosts.allow/deny are correctly configured * in.telnetd is listening, and on the correct port When I check my syslog i notice that tcpd (as I have... (3 Replies)
Discussion started by: sam_pointer
3 Replies
Login or Register to Ask a Question
LOGIN(8)                                                      System Manager's Manual                                                     LOGIN(8)

NAME
login.krb5 - kerberos enhanced login program SYNOPSIS
login.krb5 [-p] [-fFe username] [-r | -k | -K | -h hostname] DESCRIPTION
login.krb5 is a modification of the BSD login program which is used for two functions. It is the sub-process used by krlogind and telnetd to initiate a user session and it is a replacement for the command-line login program which, when invoked with a password, acquires Ker- beros tickets for the user. login.krb5 will prompt for a username, or take one on the command line, as login.krb5 username and will then prompt for a password. This password will be used to acquire Kerberos Version 5 tickets (if possible.) It will also attempt to run aklog to get AFS tokens for the user. The version 5 tickets will be tested against a local krb5.keytab if it is available, in order to verify the tickets, before letting the user in. However, if the password matches the entry in /etc/passwd the user will be unconditionally allowed (permitting use of the machine in case of network failure.) OPTIONS
-p preserve the current environment -r hostname pass hostname to rlogind. Must be the last argument. -h hostname pass hostname to telnetd, etc. Must be the last argument. -f name Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root. -F name Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root. -e name Perform pre-authenticated, encrypted login. Must do term negotiation. CONFIGURATION
login.krb5 is also configured via krb5.conf using the login stanza. A collection of options dealing with initial authentication are pro- vided: krb5_get_tickets Use password to get V5 tickets. Default value true. krb_run_aklog Attempt to run aklog. Default value false. aklog_path Where to find it [not yet implemented.] Default value $(prefix)/bin/aklog. accept_passwd Don't accept plaintext passwords [not yet implemented]. Default value false. DIAGNOSTICS
All diagnostic messages are returned on the connection or tty associated with stderr. SEE ALSO
rlogind(8), rlogin(1), telnetd(8) LOGIN(8)