Subject: Re: Latest CERT advisory on telnet vs. Kerberos
To: None <current-users@NetBSD.ORG>
From: Paul Dokas <>
List: current-users
Date: 02/22/1995 20:44:43
> >The telnet source shipped with NetBSD has had all the code bounded by
> >#ifdef ENCRYPTION removed. This allows it to be exported from the
> >U.S. However since the current ENCRYPTION implementation is tightly
> >coupled with the AUTHENTICATION code I can only suspect that some of
> >that has been removed also.
> Now that we (U.S. users) have /usr/src/domestic, is it possible that
> an unmangled version of telnet et. al. will show up there?

Just so that you know, a fairly recent version of telnet is available
with the KerberosV-beta4 release from  The whole
thing almost compiles out of the box.  But with a few quick fixes it
does all compile and function on NetBSD-1.0, including the telnet with
encryption.  If you want the patches, then email me and I'll mail them
around March 18, when this school term ends.

BTW, I know that this info does people outside of the US no good at
all.  Sorry about that, I let my congress-critter know my views on
crypto-export laws whenever possible.

Also, just FYI, the patch to telnet that was posted a few days ago
was against the KerberosV-beta4 release.

#include <stddisclaimer.h>            | Paul Dokas
Fnord!  Don't let the Gnomes get you. |