Subject: Re: US crypto export resctrictions 'unconstitutional'
To: Tracy J. Di Marco White <>
From: Andrew Gillham <>
List: current-users
Date: 05/08/1999 00:15:57
Tracy J. Di Marco White writes:
> I use encrypted (kerberized) telnet both to and from my various
> NetBSD boxes, and it works quite well.  I also use kerberos passwords
> on some of them, it works just fine.  I don't use rsh or rlogin, so
> I don't see problems with them.

Hmm, there was something obvious that I was missing.  After hearing that
it should work, I looked at it some more, and it appears to work fine
with 'telnet -a host', instead of just 'telnet host' which generates a
'telnetd: Authorization failed', with 'telnetd -a valid' in /etc/inetd.conf.

Looking at the manpage, it is not obvious that '-a' enables kerberos support.

What are the chances of a kerberized rshd/rlogind making it into the tree?

> I use it regularly.  I find it a benefit.

Cool.  I think it is good to have it in the tree, but I think working versions
of rshd and rlogind are needed.  For our environment, we really need rsh
functionality, and have been using ssh for this.  We would prefer to have
a builtin solution, and 56bit DES is more than adequate in our environment.


Andrew Gillham                            | This space left blank                     | inadvertently.
I speak for myself, not for my employer.  | Contact the publisher.