Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.

To: debian-devel@lists.debian.org
Subject: Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
From: Andrew Suffield <asuffield@debian.org>
Date: Thu, 8 May 2003 13:36:41 +0100
Message-id: <[🔎] 20030508133640.A14598@doc.ic.ac.uk>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20030508112458.GD5725@sliepen.eu.org>; from guus@sliepen.eu.org on Thu, May 08, 2003 at 01:24:58PM +0200
References: <[🔎] 200305080959.h489x0oC001445@haplo.sliepen.oi> <[🔎] 1052391378.686.13.camel@sybil.liw.iki.fi> <[🔎] 20030508112458.GD5725@sliepen.eu.org>

On Thu, May 08, 2003 at 01:24:58PM +0200, Guus Sliepen wrote:
> On Thu, May 08, 2003 at 01:56:18PM +0300, Lars Wirzenius wrote:
> 
> > > Rsh-redone is a reimplementation of the remote shell clients and
> > > servers.  It is written from the ground up to avoid the bugs found in
> > > the standard clients and servers.
> > 
> > Such as transmitting passwords in cleartext or relying on IP numbers for
> > authentication?
> 
> Sigh, you're obviously trolling.

So that would be a "no", then?

> If you have a network that is already
> secure (for example, behind a decent firewall, or a VPN), using ssh only
> means lots of unnecessary overhead. The lack of security in rsh is not a
> bug, it is just the way it is supposed to work.

Security should be end-to-end, not point-to-point. The sheer number of
times a site has been compromised because their "secure" network
wasn't and somebody was using rsh...

People who can create a genuinely secure network are invited to start
a consultancy firm; they could make millions.

-- 
  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ | Dept. of Computing,
 `. `'                          | Imperial College,
   `-             -><-          | London, UK

Reply to:

Follow-Ups:
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Guus Sliepen <guus@sliepen.eu.org>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Oliver Kurth <oku@masqmail.cx>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Steve Langasek <vorlon@netexpress.net>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Russell Coker <russell@coker.com.au>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Adam Borowski <kilobyte@duch.mimuw.edu.pl>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Brian May <bam@debian.org>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Josip Rodin <joy@srce.hr>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Mario Lang <mlang@debian.org>

References:
- Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Guus Sliepen <guus@debian.org>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Lars Wirzenius <liw@iki.fi>
- Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
  - From: Guus Sliepen <guus@sliepen.eu.org>

Prev by Date: Re: Manually getting security updates
Next by Date: Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
Previous by thread: Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
Next by thread: Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
Index(es):
- Date
- Thread