Subject: Re: Latest CERT advisory on telnet vs. Kerberos
To: None <current-users@NetBSD.ORG>
From: Paul Dokas <email@example.com>
Date: 02/22/1995 20:44:43
> >The telnet source shipped with NetBSD has had all the code bounded by
> >#ifdef ENCRYPTION removed. This allows it to be exported from the
> >U.S. However since the current ENCRYPTION implementation is tightly
> >coupled with the AUTHENTICATION code I can only suspect that some of
> >that has been removed also.
> Now that we (U.S. users) have /usr/src/domestic, is it possible that
> an unmangled version of telnet et. al. will show up there?
Just so that you know, a fairly recent version of telnet is available
with the KerberosV-beta4 release from athena-dist.mit.edu. The whole
thing almost compiles out of the box. But with a few quick fixes it
does all compile and function on NetBSD-1.0, including the telnet with
encryption. If you want the patches, then email me and I'll mail them
around March 18, when this school term ends.
BTW, I know that this info does people outside of the US no good at
all. Sorry about that, I let my congress-critter know my views on
crypto-export laws whenever possible.
Also, just FYI, the patch to telnet that was posted a few days ago
was against the KerberosV-beta4 release.
#include <stddisclaimer.h> | Paul Dokas
Fnord! Don't let the Gnomes get you. | firstname.lastname@example.org