Skip to the Main Content

Note:These pages make extensive use of the latest XHTML and CSS Standards. They ought to look great in any standards-compliant modern browser. Unfortunately, they will probably look horrible in older browsers, like Netscape 4.x and IE 4.x. Moreover, many posts use MathML, which is, currently only supported in Mozilla. My best suggestion (and you will thank me when surfing an ever-increasing number of sites on the web which have been crafted to use the new standards) is to upgrade to the latest version of your browser. If that's not possible, consider moving to the Standards-compliant and open-source Mozilla browser.

April 8, 2006

SRP Telnetd for MacOSX Tiger

For several years now, I’ve been happily using SRP Telnet for my remote login needs. I was running version 2.1.1 until I recently decided to upgrade to 2.1.2. Unfortunately, in the interim, the MacOSX developer tools were upgraded to xcode 2.2 (gcc 4.0.2). With a few tweaks1, SRP still compiles, and the telnet client functions just fine. But the telnetd dæmon is DOA. Even going back to 2.1.1, the same thing happens: compiles OK, the client works fine, but the dæmon is dead.

Fortunately, I still had a working binary of SRP telnetd 2.1.1 lying around, so restoring service was relatively easy.

But I would like to get SRP to compile and produce a working telnetd binary. Here’s how I compiled SRP:

patch -b -p0 < srp.patch
./configure --enable-loginf --with-openssl=/sw
make

and here’s my patch file.

Does anyone have any experience getting SRP telnetd to compile/run on MacOSX Tiger? Any hints would be appreciated.

Oh, and please don’t ask: why don’t you just use SSH? I do use SSH for some purposes. For graphical logins, I tunnel VNC over SSH, I use rsync -e ssh and scp to securely copy files, etc. But SRP is more2 secure and it has the nice advantage that the telnet sessions don’t automatically get disconnected when the client (usually, my iBook) goes to sleep. I can wake the machine up and resume the session where I left off.

1 SRP always required some tweaks to compile on MacOSX. The new developer tools introduced some problems I hadn’t seen before (and which, perhaps, are the source of my difficulties).

The main changes revolve around the utmp/utmpx logging code. With recent versions of the developer tools, utmp seems to be deprecated (pututline() is absent) in favour of utmpx (pututxline(), etc.). SRP uses utmp by default (and, moreover, assumes that it is GNU’s version, which looks like utmpx) and, when it finds utmpx, it bizarrely logs to both. I rearranged the ifdefs in base/libmisc/utmp.c to use utmpx instead of utmp whenever HAVE_UTMPX_H is defined.

I don’t think that’s the source of my problems, because SRP telnetd dies before even negotiating a connection, let alone issuing a login prompt.

2 Be honest. How many times have you received the dreaded

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.

message from SSH and proceeded to login anyway?

Posted by distler at April 8, 2006 11:56 AM

TrackBack URL for this Entry:   https://golem.ph.utexas.edu/cgi-bin/MT-3.0/dxy-tb.fcgi/787



2 Comments & 0 Trackbacks

Re: SRP Telnetd for MacOSX Tiger

Thanks for your patch file! It’s now part of an installation script:

Compile SRP-enhanced telnet and ftp on Mac OS X

http://codesnippets.joyent.com/posts/show/8377

Posted by: jv on June 15, 2010 8:23 AM | Permalink | Reply to this

Re: SRP Telnetd for MacOSX Tiger

Well, unless you’re running MacOSX Tiger, I doubt very much that works.

MacOSX Leopard (and Snow Leopard) required a different set of patches.

Posted by: Jacques Distler on June 15, 2010 9:37 AM | Permalink | PGP Sig | Reply to this

Post a New Comment