Date: Sat, 10 Feb 1996 18:48:17 -0700 From: Warner Losh <imp@village.org> To: Ollivier Robert <roberto@keltia.freenix.fr> Cc: mark@grondar.za, dima@FreeBSD.org, ache@astral.msk.su, current@FreeBSD.org Subject: Re: Kerberos @ freebsd.org? Message-ID: <199602110148.SAA02467@rover.village.org> In-Reply-To: Your message of Sun, 11 Feb 1996 01:21:59 %2B0100
next in thread | raw e-mail | index | archive | help
: The problem I have with Kerberos is that it does not -- to my knowledge -- : encrypt everything from a telnet session. So trafic from any X11 program : you start on the other side will not be encrypted. Kerberos encrypts *EVERYTHING* from a telnet session (at least an rlogin session). However, you are correct that there is no X proxie that participates in the encryption. : SSH does it _automatically_. When you think about it, if you were looking : for a reason to use it over Kerberos, you just got it. For those things that SSH does, yes. There is an X server proxies that offers encryption. That is a good feature of ssh. The X protocol isn't secure at all... I've not played with the ssh X server proxie at this time. However, ssh won't encrypt things like NFS traffic, mud traffic, etc. So there are some limitations to its realms. For example, there is no ssh enryption for FTP sessions at this time, while there is for Kerberos. So there is a balance there. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602110148.SAA02467>