Date: Mon, 9 Oct 2000 00:55:54 -0700 (PDT)
From: Matt Dillon <dillon@earth.backplane.com>
To: Jordan Hubbard <jkh@winston.osd.bsdi.com>
Cc: Warner Losh <imp@village.org>, Jeroen Ruigrok van der Werven <jruigrok@via-net-works.nl>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/etc inetd.conf
Message-ID: <200010090755.e997tsb02934@earth.backplane.com>
References: <521.971068411@winston.osd.bsdi.com>

:
:> We're kinda in a 'changing of the guard' situation in regards to
:> telnet, rsh, rcp, rlogin, versus ssh. And we have been for about a
:> year. The only thing holding the process up has been the patent issue
:> and that is now gone.
:
:I have to disagree on telnet, as much as I happen to also dislike telnet.
:
:Picture the following scenario: You're working at a data center
:setting up a dozen boxes in a rack and they are not as of yet on any
:public network, they're simply hooked to a hub/switch and can talk to
:one another and the windows laptop you have with you (since all the
:really colorful network sniff/trace software works under windows).
:You'd like to sit in the corner and use the laptop to log into each
:box to further configure it, and let's further say that your laptop
:just got Windows last week and is a pretty stock install.
:
:In the sterner new world you're describing, a whole bunch of extra
:work is now required to go find another network at that data center
:which talks to the outside so that something like putty can be
:located, downloaded and installed onto the Windows laptop so that it
:can talk to these boxes by default at all. Either that or you need to
:physically get to each box and turn telnetd back on again before you
:can log in. It seems like it's making things more complex than they
:need to be for an out-of-box configuration. If Windows and Macintosh
:boxes supported ssh clients out of the box, perhaps I'd feel
:differently.
:
:- Jordan

I'm trying to imagine someone setting up a bunch of UNIX boxes in a
rack using a windows laptop rather than a unix laptop... and failing.
Normally I assume that my network is insecure, even if there are only
UNIX boxes on it all under my control. Nobody in their right mind
assumes a LAN with windows boxes on it to be even close to secure, so
running telnet from a windows box to configure a bunch of UNIX machines
makes even less sense than using the windows box (laptop) in the first
place instead of a UNIX laptop.

And also, in order to make telnet operate out of the box you have to
set up a password anyway. Anyone booting a UNIX box with enough
self-configuration to set up a password to telnet into can just as
easily generate self-configuration to set up public and host keys and
run sshd... and it's a hellofalot more secure.

I think we'd be saving sysops from themselves by making them consider
something other than telnet!

I have not personally used telnet in at least four years - not now,
not at home, not at BEST.

-Matt

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message