From owner-freebsd-security  Thu Sep 28 07:29:37 1995
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id HAA15392
          for security-outgoing; Thu, 28 Sep 1995 07:29:37 -0700
Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159])
          by freefall.freebsd.org (8.6.12/8.6.6) with SMTP id HAA15387
          for <security@FreeBSD.org>; Thu, 28 Sep 1995 07:29:33 -0700
Received: by halloran-eldar.lcs.mit.edu; (5.65/1.1.8.2/19Aug95-0530PM)
	id AA17677; Thu, 28 Sep 1995 10:27:23 -0400
Date: Thu, 28 Sep 1995 10:27:23 -0400
From: "Garrett A. Wollman" <wollman@lcs.mit.edu>
Message-Id: <9509281427.AA17677@halloran-eldar.lcs.mit.edu>
To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?=
    (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su>
Cc: Mark Murray <mark@grondar.za>, security@FreeBSD.org
Subject: Re: Troubles with telnet encryption enabling.
In-Reply-To: <YiWIbQmGJ1@ache.dialup.demos.ru>
References: <199509280622.IAA16335@grumble.grondar.za>
	<YiWIbQmGJ1@ache.dialup.demos.ru>
Sender: owner-security@FreeBSD.org
Precedence: bulk

<<On Thu, 28 Sep 1995 10:54:08 +0300 (MSK), =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> said:

> No, encryption is separated from kerberos there, they must go
> independently (see "encrypt" command inside telnet too).
> It looks like client send encryption requests
> and daemon receive and parse them, but does nothing...

In what key do you expect to get your data encrypted?

That's why an authentication mechanism is required: it's what provides
the shared secret session key.

-GAWollman

--
Garrett A. Wollman   | Shashish is simple, it's discreet, it's brief. ... 
wollman@lcs.mit.edu  | Shashish is the bonding of hearts in spite of distance.
Opinions not those of| It is a bond more powerful than absence.  We like people
MIT, LCS, ANA, or NSA| who like Shashish.  - Claude McKenzie + Florent Vollant