Subject: Re: ssh
To: RJ Atkinson <firstname.lastname@example.org>
From: Simon J. Gerraty <email@example.com>
Date: 12/17/2000 23:50:09
>>I've been told that strong, user-level encryption
>>is available to telnet.
> It is not clear to me that the above is generally true,
>even if I knew what the author above meant by "strong" or
>"user-level" in this context.
Not sure what "he" meant either, but SSL telnet (eg my stelnet)
provides authentication via X.509 certs (typically 1K),
with support for CRL's etc - much better situation that the
RSA authentication in SSHv1, and stream ciphers (pick your favourite)
with 256bit keys.
This is "user-level" security in that the telnetd knows if it gets
connection the level of security it offers. With say link level
security its often a false sense of security.
> There were several different research projects on that,
>but none was ever widely available. It is not clear to me
>whether any of the Telnet security enhancements provided security.
Oh? Don't know which ones you are thinking of, but I'm pretty sure
stelnet did the job.
But as I said in my first post - which I failed to cc to the list
I use SSH just as much or more than the SSL based tools I wrote,
because SSH has features that I didn't want in those more restrictive
tools but find handy in many envs - eg X forwarding ;-)
And lets face it - everyone uses SSH.
The biggest problem with "secure" telnet - as you noted, is lack of