Date: Fri, 28 Feb 2003 14:13:41 -0600 From: Kirk Strauser <kirk@strauser.com> To: freebsd-stable@freebsd.org Subject: Re: Problem with telnet Message-ID: <874r6oduyy.fsf@strauser.com> In-Reply-To: <200302281559.h1SFxn6k044386@hugo10.ka.punkt.de> ("Patrick M. Hausen"'s message of "Fri, 28 Feb 2003 16:59:49 %2B0100 (CET)") References: <200302281559.h1SFxn6k044386@hugo10.ka.punkt.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-=-= Content-Transfer-Encoding: quoted-printable At 2003-02-28T15:59:49Z, "Patrick M. Hausen" <hausen@punkt.de> writes: > I can think of a setup where the possibility of bugs in the much more > complex sshd application outweighs the remote chance of someone sniffing > by quite a margin. Honestly, I can't think of such a situation, but to each his own. > Think of ISP infrastructure, a switched network completely under your > control. Think of a cracker who breaks into a workstation and starts exploring... > OpenSSH has had its share of security holes and while I generally agree > with you that it's a good idea to use ssh where appropriate, I don't share > the general "telnet is bad because it's plain text hysteria" ;-) Once again, to each his own. Then again, I'm not as hardcore as my mentor, who insisted that any password that was accidentally sent in plaintext even once had to immediately be changed. Not that I'm arguing with his logic or think it was overkill. =2D-=20 Kirk Strauser In Googlis non est, ergo non est. --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD4DBQA+X8L55sRg+Y0CpvERAvUxAJ9ljM4mekaM7uETMiDs3ZeZ8UFlhQCTBltG PKNI/FYhpj7HbFE/8etHRw== =PWz7 -----END PGP SIGNATURE----- --=-=-=-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?874r6oduyy.fsf>