On Thu, 5 Aug 1999, Claude Marinier wrote:

> I have been looking for a more secure way of using telnet and ftp from
> NetBSD (currently at 1.3.3 will move to 1.4.1 soon) on i386. The environ-
> ment here is mostly WinNT and Solaris. I manage some NetBSD systems; they
> provide DNS, DHCP, and gateway services. I seem to be the only one (along
> with a few VMS systems) who sends passwords in the clear on the network. I
> would like to change that.

You can do a lot with "ssh". I understand there are "telnet" clients
for WinNT that actually login on the ssh port (22). In general, you
can forward any port over an "ssh" connection.

> I have found the packages openssl and ssleay (in NetBSD packages). They
> seem to be libraries. Does this mean that I have to modify telnetd and
> ftpd sources? Are the servers supplied with NetBSD able to support SSL as
> is? Please suggest the best approach to achieve my goal.

"OpenSSL" is the direct descendant of "SSLeay". In fact, the "ssleay"
directory should be gone from the current pkgsrc. More information is
available on the OpenSSL homepage. There find a list of applications
that use the library,
 <http://www.openssl.org/related/apps.html>
some of which already have packages. Most of these will be found in
the security category, or have a name that ends in -ssl, or both. ;-)