on Sun, Aug 26, 2001 at 07:09:51PM -0400, Joey Hess (joeyh@debian.org) wrote: > Karsten M. Self wrote: > > I'll issue the standard advisory: telnetd is an insecure protocol and > > it's very strongly recommended that you *not* install or activate > > telnetd on your system. SSH is an encrypted, authenticated drop-in > > replacement, with clients available for all significant computing > > platforms. > > There is nothing vert insecure about ssl telnet (that I know of). Also, > I use plain telnet in a secure, if rather unlikely fashion here[1]. My complaint with telnet-ssl is more one of useage than implementation. By providing a feature with the same name use characteristics, and port access, as telnet, and endowing it with transparent fallback to insecure (non-SSL) access, there's a hazard that people will think "Oh, I've got *secure* telnet, so I'm safe". I'd rather get the unabridged, unconditioned, message out that telnet is evil, insecure, and bad, and should be avoided like the plague, and ssh used in its place. It's not strictly correct, but it's going to lead to a generally preferable usage pattern. And, no, SSH isn't perfect either, it can be abused, and it can be used insecurely, but you're slightly ahead of the game. Say, Joey, got a beer? And, BTW, your program can't count. Or spell. I think your computer's drunk. Whatever, it's slowing down something awful. Have you checked its loaded average? ;-) -- Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/ What part of "Gestalt" don't you understand? There is no K5 cabal http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org Free Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org Geek for Hire http://kmself.home.netcom.com/resume.html
Attachment:
pgp9YuFMxo3qL.pgp
Description: PGP signature