Subject: Re: ssh - are you nuts?!?
To: Jason R Thorpe <email@example.com>
From: Simon J. Gerraty <firstname.lastname@example.org>
Date: 12/17/2000 14:01:16
>There are OTP authentication mechanisms available for SSH. And an OTP
>authenticated telnet session isn't going to be encrypted, so you still
>run the risk of having your keystrokes sniffed.
Sniffing is perhaps the lesser issue. Without session integrity checks
(and encryption provides a good form), your authenticated telnet session
can be stollen from you - thus strong authentication by itself is