Subject: Re: Policy questions
To: John Hawkinson <jhawk@MIT.EDU>
From: Greywolf <>
List: tech-userlevel
Date: 01/02/2004 11:19:38
Thus spake John Hawkinson ("JH> ") sometime Today...

JH> Well, no. The issue that I raised is that we ought to have a tool to
JH> allow unencrypted file transfers without allowing unencrypted logins,
JH> and that netcat was the only tool I knew of that usefully allowed it.
JH> If there are other tools in common usage, I'd like to know what they
JH> are.

To restate it simply:

- rsh requires "preauthentication" to work; i.e. it will not prompt for a
  password if one is required.  It just bails at that point.

- ssh has too much overhead in the encryption and does not provide,
  by default, an unencrypted data channel.

- we need a new remote-access utility which will provide zero data encryption
  by default, while requiring true user authentication.

Did I miss anything?

Solaris 2 is not an upgrade from Solaris 1.  They just want you to THINK it is.