Re: ssh vs. rsh

To: harpo@udel.edu (Will Lowe)
Cc: debian-devel@lists.debian.org
Subject: Re: ssh vs. rsh
From: James A.Treacy <treacy@debian.org>
Date: Tue, 27 Jan 1998 22:33:00 -0500 (EST)
Message-id: <[🔎] m0xxOFK-000DJGC@landru.math.uwaterloo.ca>
In-reply-to: <[🔎] Pine.LNX.3.95q.980127215448.3249A-100000@rivendell.rdny.udel.edu> from Will Lowe at "Jan 27, 98 09:57:09 pm"

> I'm trying to convince the sysadmins at my university to install ssh and
> run sshd on the main network,  but they claim it isn't much more secure
> because you can avoid sending passwords by using rsh and can do x
> forwarding with xrsh.
> 
> I'm really fond of ssh,  and have a few arguments I can use,  but I'm
> wondering if some people out there with more knowledge in security and X
> might be able to send me a few expanded summaries (or point me to a few)
> that I could quote or use.
> 

Not sending a passwd only avoids one obvious security hole. The r* commands
just aren't very secure. I wouldn't be surprised if those people think
.rhosts files are safe.

ssh does host authentication so you can have confidence you are connecting
to the machine you should be.

ssh encrypts the entire session, not just the password.

ssh is not only secure, it's easy to use.

- Jay


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- ssh vs. rsh
  - From: Will Lowe <harpo@udel.edu>

Prev by Date: Re: Package unions
Next by Date: Re: ssh vs. rsh
Previous by thread: ssh vs. rsh
Next by thread: Re: ssh vs. rsh
Index(es):
- Date
- Thread