[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Future of kerberised telnet, login, rsh, ftp?

>It is another thing I prefer about ssh, security happens at the lowest
>possible layer, so there is no chance an attacker can inject unwanted
>data into the data stream.

Ah, that's one thing I remember now; it wasn't possible to turn encryption
_off_ in ssh.  We force people to use encryption for interactive sessions,
but don't require it for bulk data transfer.  It's easy to segment this
out with different utilities (rcp versus rsh required writing some extra
code, but it wasn't hard).  Encryption sucks when you're rcp'ing around
a few terabytes (and yes, we have people that do that all of the time).