HP-UX 11i Version 2 Release Notes (October 2003)
Internet and Networking
Internet Services
Chapter 6
144
• btmps (4)
• utmpd (1M)
• getuts (3C)
• bwtmps (3C)
Obsolescence
Not applicable.
Secure Internet Services
Secure Internet Services (SIS) is an optionally enabled mechanism that incorporates
Kerberos V5 authentication and authorization for remote access services: ftp, rcp,
remsh, rlogin, and telnet.
Summary of Change
• The following new options have been added in SIS:
fallback The fallback option is available in all the SIS clients (namely
rlogin, ftp, rcp, remsh and telnet) and are set in the
[appdefaults] section. If the fallback option is set to true and
the Kerberos authentication fails, SIS clients use the non-secure
mode of authentication. Refer to the krb5.conf (4) manpage for
more information on the [appdefaults] section.
-f and -F For remsh, rlogin and telnet, the options -f and -F are set in
the \etc\krb5.conf file with the tag names forward and
forwardable, respectively.
The -f option instructs telnetd to use the normal authentication
mode whenever the telnet client communicates NULL type in the
authentication option negotiation.
NOTE Command-line options override the configuration file options.
• IPv6 has now been enabled for R-commands:
To enable IPv6 functionality in the SIS environment for R-commands, first change
tcp to tcp6 for the following two entries in the /etc/inetd.conf file:
# kshell stream tcp nowait root /usr/lbin/remshd remshd -K
# klogin stream tcp nowait root /usr/lbin/rlogind rlogind -K
Next, restart inetd using the command inetd -c.
NOTE You must change the /etc/inetd.conf file only if the interface is configured for
IPv6 functionality.
• Kerberos is supported in an IPv6 environment for ftp, r-commands, and telnet.