Re: RFC: Switch default from netkit-telnet(d) to inetutils-telnet(d)

[Philipp Kern <pkern@debian.org>]

On 19.07.22 16:05, Michael Stone wrote:
> On Sun, Jul 17, 2022 at 01:49:53AM -0400, Timothy M Butterworth wrote:
> > Telnet is old, insecure and should not be used any more. What is the 
> > point of
> > packaging a Telnet daemon when everyone should be using SSH. Telnet 
> > Client I
> > can see because a person may need to connect to a router or switch 
> > that is
> > still using telnet or hasn't had SSH Certificates generated yet.
> I personally use telnet to connect to systems whose ssh implementations 
> are old enough that they are no longer interoperable with current ssh. 
> Every system will eventually become an old system, and telnet has a much 
> better record of working over the long term than does ssh. Security 
> concerns have a place in determining defaults, but not in banning 
> software that other people find useful in a context that might not 
> matter to you.

I found the client-side very tolerant of ancient server-side 
implementations when the right kinds of switches are passed to it (e.g. 
KexAlgorithms and HostKeyAlgorithms). I have yet to be unable to 
actually connect to a target - even if it means fiddling increasingly 
with flags.

Kind regards
Philipp Kern