TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:20646] Root login
^chewie said:
> Telnetd isn't bad, really. As long as you provide the SSL layer to
> it. ;-) Purge the standard, unencrypted telnetd with the much better
> telnetd-ssl ;-). SSH is nice, but it isn't the ONLY answer.
Except, IIRC, telnet-ssl falls back to standard telnet if the other end isn't
using SSL. If you're running the telnet-ssl client, you get a nice little
warning that encryption isn't available and you can decide whether to
continue and all is good in the world. However, if the telnet-ssl server
falls back to plaintext, it's just as bad as running (that connection over) a
non-SSL-enabled telnetd - passwords for accounts on your system are still
made available to anyone with a packet sniffer.
--
"Two words: Windows survives." - Craig Mundie, Microsoft senior strategist
"So does syphillis. Good thing we have penicillin." - Matthew Alton
Geek Code 3.1: GCS d- s+: a- C++ UL++$ P+>+++ L+++>++++ E- W--(++) N+ o+
!K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI++++ D G e* h+ r++ y+