On 2022-07-17 01:49:53 -0400 (-0400), Timothy M Butterworth wrote: [...] > Telnet is old, insecure and should not be used any more. What is > the point of packaging a Telnet daemon when everyone should be > using SSH. Telnet Client I can see because a person may need to > connect to a router or switch that is still using telnet or hasn't > had SSH Certificates generated yet. My personal interest in Telnet clients is that MUDs (multi-user network text games/worlds) are still primarily designed as Telnet servers, albeit with varying degrees of support for the many extensions to the protocol which have become somewhat standard over the years. Clean libraries capable of reliably implementing an sshd for this purpose are a relatively recent thing, so I expect to see some MUDS appear with options for SSH protocol connections (and I've been noodling on ideas in that vein), but for now pretty much everything in that space is either Telnet based or entirely bespoke. Inetutils seems to only support the RFC 2946 "encrypt" extension, but some Telnet servers and clients include direct support for wrapping with SSL/TLS socket encryption (Netkit does) or implementing Jeffrey Altman's START-TLS draft proposal. Since authentication is generally handled independently of the daemon, it can work with a variety of single or multi-factor authentication backends including certificates, one-time-passwords, and so on. Also, if you're going to provide a Telnet client, it makes sense to include at least a reference implementation of a Telnet server in order to be able to validate its functionality. -- Jeremy Stanley
Attachment:
signature.asc
Description: PGP signature