telnet-ssl (was Re: [TCLUG:12313] telnet as root)

[^chewie <chewie@wookimus.net>]

On Thu, Jan 13, 2000 at 02:48:57PM -0600, Nate Carlson wrote:
> 
> ...or just disable telnet altogether and make sure you have an ssh client.
> gotta hate plain text passwords flying over the internet...

plain-text passwords = bad

Answer: sshd and ssh or telnetd-ssl and telnet-ssl

Install on Debian with: 
    apt-get install ssh
    apt-get install telnetd-ssl telnet-ssl

For those curious, telnet-ssl connection output from the client looks like
this:

	-= Thu Jan 13 14:58:31 =-
	cwalstrom@chewie:~[511]$ telnet yoda.ltiflex.com
	Trying 209.98.238.113...
	Connected to ns.ltiflex.com.
	Escape character is '^]'.
	[SSL - attempting to switch on SSL]
	[SSL - handshake starting]
	[SSL - OK]
	Password: 

Pretty cool, huh?  Not as versatile as ssh, since ssh can also replace rcp
and rsh, but still, better than plain-text passwords.

The following was taken from /usr/share/doc/telnet-ssl/copyright:

	This package was split from netstd by Herbert Xu
	herbert@debian.org on
	Mon, 28 Sep 1998 16:50:43 +1000.

	netstd was created by Peter Tobias tobias@et-inf.fho-emden.de on
	Wed, 20 Jul 1994 17:23:21 +0200.

	It was downloaded from
	ftp://ftp.uk.linux.org/pub/linux/Networking/.

And the README reports, "This is netkit-telnet-0.14."

Which tells me that telnet with ssl support is part of the standard netkit
or netstd for Linux.  Your distribution may hack it out differently, but
in Debian, ssl support is compiled separately than standard non-ssl
support -- the encryption export restrictions for the US necessitate this
(telnet-ssl is found on the non-US site for Debian).

-- 
Chad Walstrom                         mailto:chewie@wookimus.net 
a.k.a ^chewie, gunnarr               http://wookimus.net/~chewie

"A problem is a chance for you to do your best." --Duke Ellington