[Asterisk-Users] telnet and Root
Chris Travers
chris at metatrontech.com
Mon Aug 23 08:31:55 MST 2004
Steve Szmidt wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On Friday 20 August 2004 06:02 am, Thomas Kuepper wrote:
>
>
>>use ssh instead of telnet. telnet is a bad idea.
>>
>>
>
>And the reason telnet is a bad idea, is because it sends the password in clear
>text. Today there's no valid reason to use telnet over ssh.
>
>
First of all, Kerberos comes with a telnet server which can be as secure
as OpenSSH. Also, I wouldn't be surprised if Microsoft starts using
kerberized telnet as part of their SFU (last time I asked, they were
concerned about licensing issues with OpenSSH and had no plans to
include it).
So telnet might not be as dead as one might think. However, One must
take care when using Kerberized telnet servers for important
administration because they can be easily misconfigured not to encrypt
the session or to fall back on plain text transfers.
Also, many binary distributions of openssh don't support kerberos, which
makes kerberized telnet more scalable in many instances.
Best Wishes,
Chris travers
Metatron Technology Consulting
-------------- next part --------------
A non-text attachment was scrubbed...
Name: chris.vcf
Type: text/x-vcard
Size: 127 bytes
Desc: not available
Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20040823/21120040/chris.vcf
More information about the asterisk-users
mailing list