Subject: Re: ssh
To: RJ Atkinson <rja@inet.org>
From: Warner Losh <imp@village.org>
List: tech-security
Date: 12/17/2000 22:53:00
I'd like to add that it gives you a secure tunnel, not necessarily tcp
over tcp, between two endpoints.  I can't do that with telnet (eg,
when someone connects to port N on machine X, initiate a secure
connection to port M on machine Y).  This simple feature is very nice
and solves a large class of problems.

I also like the fact that I can do all my interactive (slogin) and
non-interactive (ssh and scp) over 1 tcp port.  This makes configuring
firewalls easy.  For telnet I need some other file transfer protocol.
ftp is the only other one available, and it needs special hacks to
cope with firewalls (and vice versa).

Finally, with ssh I can set things up so that it forces encryption and
strong authentication.  I don't believe that the current telnet is so
configuratble (I could be wrong).

Warner