Topic: SME server refusing telnet connections

[logan]

Good day,

For development purposes in php i require for my sme server (lets call it keeper from here on) to telnet itself. This is used by php code to verify that a user on my side is also a user on keeper. Well this is my idea at least.

The problem:
in the shell on keeper if i use "telnet keeper" i receive an error stating the following:

trying 10.0.0.1
telnet: connect to address 10.0.0.1: Connection refused

While searching the contribs site i found a paragraph stating that telnet was removed from SME due to ssh being more secure.
I am still on the starter blocks of understanding SME, i thus ask for any assistance in getting keeper to accept telnet requests (if possible)

Thank you,

[william_syd]

yum install telnet-server

That will get it on your server. Now you have to integrate it with SME. Starting xinetd and opening ports.

ln -s /etc/rc.d/init.d/e-smith-service /etc/rc.d/rc7.d/S56xinetd

Have a look at http://smemirror.fullnet.co.uk/contribs/jmartens/RPMS/noarch/smeserver-vmware-server-0.0.1-4.el4.sme.noarch.rpm in regard to what needs to be done for xinetd.

It's late here. I'm sure others will help.

[logan]

Thank you william_syd for the info.
I shall use and see what the outcome is! Will also provide feedback.

[CharlieBrady]

For development purposes in php i require for my sme server (lets call it keeper from here on) to telnet itself. This is used by php code to verify that a user on my side is also a user on keeper. Well this is my idea at least.

I don't know how installing telnet would solve your problem. I also don't know what "on my side" means.

There are plenty of ways to determine whether a username is valid without enabling telnet into your server.

[logan]

I don't know how installing telnet would solve your problem. I also don't know what "on my side" means.

There are plenty of ways to determine whether a username is valid without enabling telnet into your server.

ok, let me try to explain my motivation for using telnet:

I am developing web-based applications for my company which is to be made available over the internet for fellow employees working out of country. For reasons specified by management i was instructed to create a simple login script to ensure only our employees have access and that only employees who have accounts on the SME may log in.
I basically want to have the employees use their SME usernames and passowrds to be able to log in, rather than make a new database and have the trouble of 'registering' every employee again in my database and code.

I was informed i could pass the employee-provided username and password and use them in a telnet command to the SME to check if they are valid users. Thus, if the script determines that the username and password can login to the SME via telnet command then they are legitimate users and must get access.

This is only my initial idea,the only one i have so far! ^^ But by testing this i will learn if applicable and if not i should be able to then determine other means with my new found knowledge.

If there are existing means by which i can do what i would like to do then please give me some information so i may research it and try it!

again, thank you!

[raem]

logan

Maybe this is useful
http://wiki.contribs.org/Htaccess

[logan]

logan

Maybe this is useful
http://wiki.contribs.org/Htaccess

i do think that this would be a MUCH easier way to implement seeing as i am going to use php. And getting php to talk to the server would have been a headache using the telnet, me thinks!

But i have hit a snag so to speak. I have done all per instructions on http://wiki.contribs.org/Htaccess#Procedure_-_authentication_against_all_sme_users but nothing happens, i can still access the page(s) without being prompted for a username and password?

The only thing i changed from the example is that i wanted to make the ibay html folder proteced. EXAMPLE: for the directory i stated "/home/...../ibays/development/html".
I am thinking i missed something, and i have a funny suspicion that it is something the tutorial assumes i already know, which i don't! ^^

[CharlieBrady]

I was informed i could pass the employee-provided username and password and use them in a telnet command to the SME to check if they are valid users. Thus, if the script determines that the username and password can login to the SME via telnet command then they are legitimate users and must get access.

This is only my initial idea,the only one i have so far!

Use imap/imaps login instead.

[william_syd]

but nothing happens

Just tried it and it appears to work.

https://secure.magicwilly.info/development/

Ibay settings...



Template

[root@c3 ~]# cat /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/50AddSecureIbayFolder

<Directory /home/e-smith/files/ibays/development/html>
AuthName "My Site Security Group"
AuthType Basic
AuthExternal pwauth
<Limit GET>
order deny,allow
require valid-user
</Limit>
</Directory>


[root@c3 ~]#


Note the spaces before and after.

Then..

[root@c3 ~]# expand-template /etc/httpd/conf/httpd.conf
[root@c3 ~]# /etc/rc7.d/S86httpd-e-smith restart

Close all browser windows then retry.

[logan]

YES! Now it seems to work, i will just have to test it with all the possible uses i may have.

I must say that i am slightly embarrassed by the error i made! ^^
In stead of .../templates-custom/etc/httpd/... i had .../templates-custom/etc/http/... by just miss spelling one letter...sigh!

Thank you to all for the assistance in this matter!

PS
it seems to work even with more restrictive settings on the selected Ibay.