tkTelnet v1.0 ---------------------------------- About tkTelnet ---------------------------------- tkTelnet is a utility to help automate logging into machines. tkTelnet was specifically designed to automate logging into machines via telnet. ---------------------------------- tkTelnet INSTALLATION Requirements ---------------------------------- tkTelnet needs: tcl7.4 tk4.0 expect5.17 You can obtain each of these programs at ftp.cme.nist.gov:/pub/expect. After verifying that you have the specified versions of the specified programs, you must edit the first line of tkTelnet.tcl and tkTelrun.tcl, so that they both contain the correct path to expectk/expect. You can then put tkTelnet.tcl and tkTelrun.tcl into any directory in your path, or the directory your currently in, and run it. ---------------------------------- Running tkTelnet ---------------------------------- Running tkTelnet is as easy as pointing and clicking. After loading tkTelnet, all you need to do is specify your host name, login name, and if you want, password. tkTelnet defaults to having only one button. Clicking your third mouse button on any button that does not say "Exit/Lock" will bring up a configure window. In the window you can change the name of the button, the host name, the login name, the password, and the method of telnet. NOTE: The password value will be masked and will only show *'s. The password value will default to "none". If you leave the value at "none", tkTelnet will prompt you for the password only when you load a new telnet session. This is good if you might be leaving your machine for any reason. You don't want unauthorized people logging in with your passwords. After you have changed all the values to what you like, you can click on the finish button to close the config window and use the settings. In order to open a new xterm window that will launch the telnet session, all you have to do is click on the button. Adding New Buttons: Click your middle mouse button while holding down shift, in the space between any of the buttons or use the Options menu and select new button. (ctrl-N) Removing Buttons: Click your second mouse button while holding down shift,on the button you would like to remove or use the Options menu and select kill button. (ctrl-K) Saving Existing Options:If you would like to save the buttons and button values in tkTelnet, you can go to the Options menu and select Save options. You can also enable save on exit, and just simply exit tkTelnet. NOTE: Passwords are *NOT* saved to disk! ----------------------------------- Locking tkTelnet ----------------------------------- If you decide to store your passwords in the password field, then you might want to use this feature of tkTelnet when you leave your machine. In order to lock tkTelnet from unauthorized use, all you have to do is click your third mouse button on the "Exit/Lock" button. tkTelnet will then prompt you for a password to use as the lock password. After you enter your desired password, tkTelnet will go into lock mode. Just retype your password and tkTelnet will unlock, showing all the buttons again. Side Note: After locking tkTelnet, you can still add new buttons and configure them. However, you cannot save options when tkTelnet is locked. ----------------------------------- Possible Security Loophole ----------------------------------- For all of you security fanatics, there is ONE possible security loophole. In order for the program to spawn the new telnet session each time, it has to write the host name, login name, and password to a file before executing tkTelrun.tcl. This file exists for about 1/10 of a second (depending on the speed of your system)and is then promptly deleted by tkTelrun.tcl. Unfortunately, the password is saved in plain text format for that 1/10 of a second. The reason tkTelnet.tcl does not send the host name/login name/password over the command line is because when you do a ps, it would show the whole command line including the password. In order to prevent hackers a chance to get the passwords, you should consider changing tkTelrun.tcl to readonly/executable and NOT writable. People might edit the script to store the password elsewhere, etc. ----------------------------------- Contacting the Author ----------------------------------- If you use this program, please let me know. Tell me if you like it or not, tell me what features you would like added, etc. You can reach me at: pately@vivanet.com or yatish@eecs.uic.edu Thank you for using tkTelnet.