Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
Andrew Suffield <asuffield@debian.org> writes:
> On Thu, May 08, 2003 at 01:24:58PM +0200, Guus Sliepen wrote:
>> On Thu, May 08, 2003 at 01:56:18PM +0300, Lars Wirzenius wrote:
>>
>> > > Rsh-redone is a reimplementation of the remote shell clients and
>> > > servers. It is written from the ground up to avoid the bugs found in
>> > > the standard clients and servers.
>> >
>> > Such as transmitting passwords in cleartext or relying on IP numbers for
>> > authentication?
>>
>> Sigh, you're obviously trolling.
>
> So that would be a "no", then?
>
>> If you have a network that is already
>> secure (for example, behind a decent firewall, or a VPN), using ssh only
>> means lots of unnecessary overhead. The lack of security in rsh is not a
>> bug, it is just the way it is supposed to work.
>
> Security should be end-to-end, not point-to-point. The sheer number of
> times a site has been compromised because their "secure" network
> wasn't and somebody was using rsh...
Erm, as a Beowulf cluster administrator, I can assure you that there are
uses for rsh.
In a cluster environment, ssh is just overkill.
--
CYa,
Mario | Debian Developer <URL:http://debian.org/>
| Get my public key via finger mlang@db.debian.org
| 1024D/7FC1A0854909BCCDBE6C102DDFFC022A6B113E44
Reply to: