2.2.1 Telnet Authentication Option Command SEND

When the Telnet Authentication Option command (as specified in [RFC2941]) is SEND, the Telnet: NTLM Authentication Protocol specifies how an implementation must fill the authentication-type-pair-list field. [RFC2941] specifies this field as consisting of two subfields: AuthenticationType and Modifier. The Telnet: NTLM Authentication Protocol does not specify any fields for the message other than those specified in [RFC2941].

The structure of these fields is specified in [RFC2941]. This section specifies how an implementation must use these fields in the context of the Telnet: NTLM Authentication Protocol, and specifies the structure of these fields for completeness and clarity.


| Bits 0-7 | Bits 8-15 |
|---|---|
| AuthenticationType | Modifier |

AuthenticationType (1 byte): A Telnet server MUST set the value of this field to 0x0F to request the use of NTLM as the preferred authentication mechanism. This AuthenticationType value indicates to the Telnet client that it must send the NTLM NEGOTIATE_MESSAGE.

Messages in which AuthenticationType is set to a value other than 0x0F MUST NOT be processed by the Telnet: NTLM Authentication Protocol.

Modifier (1 byte): This BYTE field specifies modifiers to the authentication method specified in the AuthenticationType field, as specified in [RFC2941]. The Telnet Authentication Option (as specified in [RFC2941]) defines Modifier as five 1-bit fields. The first two bits are processed as a pair, the AUTH_WHO_MASK bit and the AUTH_HOW_MASK bit. The third and fifth bits in the modifier are the ENCRYPT_MASK bits. These bits are used to determine if and how encryption is enabled. The fourth bit field is the INI_CRED_FWD_MASK bit. This bit is set either to INI_CRED_FWD_ON or INI_CRED_FWD_OFF.

In the context of the Telnet: NTLM Authentication Protocol, the following modifiers MUST be used when an implementation sends a message.

| Modifiers | Symbolic value | Bit value(s) |
|---|---|---|
| AUTH_WHO_MASK | AUTH_CLIENT_TO_SERVER | 0 |
| AUTH_HOW_MASK | AUTH_HOW_ONE_WAY | 0 |
| ENCRYPT_MASK (2 bits) | ENCRYPT_OFF | 0 |
| INI_CRED_FWD_MASK | INI_CRED_FWD_OFF | 0 |
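
The following added example is not part of the specification. It shows how a receiver could check a SEND authentication-type-pair-list against the AuthenticationType and Modifier rules above. The option code, command code and mask values are taken from [RFC2941]; the function names are hypothetical, and the payload is assumed to be the subnegotiation data between IAC SB and IAC SE with IAC escaping already removed.

```python
# Added example. Numeric constants are from RFC 2941 and this section;
# the function names are hypothetical.
TELOPT_AUTHENTICATION = 37  # Telnet AUTHENTICATION option code
CMD_SEND = 1                # Authentication Option command SEND
AUTHTYPE_NTLM = 0x0F        # AuthenticationType required by this section

# Modifier masks from RFC 2941, each paired with the symbolic value this
# section requires. Every required value has bit value 0.
REQUIRED_ZERO = {
    "AUTH_WHO_MASK": (0x01, "AUTH_CLIENT_TO_SERVER"),
    "AUTH_HOW_MASK": (0x02, "AUTH_HOW_ONE_WAY"),
    "ENCRYPT_MASK": (0x14, "ENCRYPT_OFF"),  # third and fifth bits
    "INI_CRED_FWD_MASK": (0x08, "INI_CRED_FWD_OFF"),
}


def parse_send(payload: bytes) -> list[tuple[int, int]]:
    """Split a SEND payload into (AuthenticationType, Modifier) pairs.

    `payload` is the data between IAC SB and IAC SE, already IAC-unescaped.
    """
    if len(payload) < 2 or payload[0] != TELOPT_AUTHENTICATION or payload[1] != CMD_SEND:
        raise ValueError("not an AUTHENTICATION SEND subnegotiation")
    body = payload[2:]
    if len(body) % 2:
        raise ValueError("truncated authentication-type-pair-list")
    return [(body[i], body[i + 1]) for i in range(0, len(body), 2)]


def check_ntlm_pair(auth_type: int, modifier: int):
    """Return None for a non-NTLM pair (not processed by this protocol),
    otherwise the list of modifier fields that are not at their required value."""
    if auth_type != AUTHTYPE_NTLM:
        return None
    return [f"{name} is not {symbol}"
            for name, (mask, symbol) in REQUIRED_ZERO.items()
            if modifier & mask]


if __name__ == "__main__":
    # Constructed payloads, not captured traffic.
    samples = {
        "conforming": bytes([37, 1, 0x0F, 0x00]),
        "mutual + encrypt": bytes([37, 1, 0x0F, 0x06]),
        "other type first": bytes([37, 1, 0x02, 0x00, 0x0F, 0x00]),
    }
    for label, payload in samples.items():
        for auth_type, modifier in parse_send(payload):
            print(label, hex(auth_type), hex(modifier), check_ntlm_pair(auth_type, modifier))
```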