search for: unkerberized

...14, at 3:46 PM, Warren Young <wyml at etr-usa.com> wrote: > Now compare telnet: always vulnerable, all the time, since the day it was created, before most of the people on this list were born: Technically, you can run kerberized (krb5) telnet/telnetd, and it's not quite as insecure as unkerberized telnet. The telnet protocol supports security measures, but most people just use OpenSSH (which can do a lot more) so there's little effort being made to widely use it. I doubt the OP was setting up krb5 telnetd, though. -- Jonathan Billings <billings at negate.org>

..., Warren Young <wyml at etr-usa.com> wrote: >> Now compare telnet: always vulnerable, all the time, since the day it was created, before most of the people on this list were born: > > Technically, you can run kerberized (krb5) telnet/telnetd, and it's not quite as insecure as unkerberized telnet. That only protects the authentication stage. You have to add RFC 2946 encryption or TLS to encrypt the rest of the conversation, something you get for free with SSH. Then having done that, you get to seek out the rare clients that can speak these protocol extensions, whereas all SSH clie...

On Mon, Nov 24, 2014 at 11:38 AM, Leon Fauster <leonfauster at googlemail.com> wrote: > Am 24.11.2014 um 18:11 schrieb Frank Cox <theatre at melvilletheatre.com>: >> On Mon, 24 Nov 2014 08:46:33 -0600 >> John R. Dennison wrote: >> >>> Why are you wanting to use telnet in the first place? >> >> I don't know what his use case is, but I