tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: rshd...



On Sun, Jul 15, 2012 at 10:43:03AM +0200, Anders Magnusson wrote:
> >>On 07/14/2012 10:45 PM, Lloyd Parkes wrote:
> >>>Is there any way at all that anyone can justify shipping rshd and friends 
> >>>as part of NetBSD? The only justification I can think of would be if rsh 
> >>>can do host verification via Kerberos, but ssh could do that too with the 
> >>>appropriate patches. At least telnet is a useful network diagnostic tool. 
> >>>Hmm, if we stopped shipping telnetd, would anyone notice?
> >>>
> >>There are (still) lots of systems that only can use rsh to communicate that 
> >>nothing can be done about.

In addition to this, one shouldn't forget that with IPv6 IPSec is an
requirement.  If you use IPSec for encryption and authentification of
two computers/systems anyway, why put ssh on top and do it again for the
communication of those two?

--
Matthias


Home | Main Index | Thread Index | Old Index