I guess that password complexity is not the issue here. It's
incredibly easy to 'sniff' plain text passwords off of a LAN! However if
your happy no one is going to attempt this then telnet without ssh is
Just my twopennyworth.
32865e97b5342e762ab140e00f3da23b - Just 'Debian'
On Thu, 27 Apr 2000, Noah L. Meyerhans wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> On Thu, 27 Apr 2000, w trillich wrote:
> > # apt-get install ssh
> > Reading Package Lists... Done
> > Building Dependency Tree... Done
> > Package ssh has no available version, but exists in the database.
> > This typically means that the package was mentioned in a dependency and
> > never uploaded, has been obsoleted or is not available with the contents
> > of sources.list
> > E: Package ssh has no installation candidate
> Add the following line to /etc/apt/sources.list:
> deb http://non-us.debian.org /potato/non-US main contrib non-free
> On the other hand, I do not feel as strongly as other posters that telnet
> needs to be disabled in order to have a secure machine. Strong passwords
> will work just as well. I have an account on a large Solaris network
> where telnet has been open for ages, and will continue to be. The passwd
> program in *incredibly* anal about ensuring that all passwords are
> complex. To my knowledge there has never been a significant security
> breach on this network.
> PGP Public Key available at http://web.morgul.net/~frodo/mail.html
> or by `finger -l firstname.lastname@example.org`
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3a
> Charset: noconv
> -----END PGP SIGNATURE-----
> Unsubscribe? mail -s unsubscribe email@example.com < /dev/null
- Re: hacked?
- From: "Noah L. Meyerhans" <firstname.lastname@example.org>