[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: telnet: Encrypting the session key

> Want I want to see it more people stop using telnet and moving over to
> ssh/gssapi (both userauth and kex-exchange).

Reasons why that is not happening:

1 no ssh and sshd that support gssapi for both user and host key
  exhange on Unix (*) and expecially not on Windows.

2 no sshd implementaton where insecure and crufty code (**) is not
  compiled in.

3 no ssh implemenatation for Windows which has as good a terminal as ktelnet.

Please prove me wrong ;-)

I could help with 2 but not with 1 :-(


(*) I know that I can patch my OpenSSH with Simon's patch. But that does not
    help my users who want to download ssh for their Unix and just have it

(**) ssh and sshd would be much smaller and more maintainable if they
     just could remove all code supporing insecure options like the
     old protocols and cleartext passwords. Noone but crackers use the
     ssh1 path through sshd any more. #ifdef UNSECURE_MORON_AT_WORK