North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: 'we should all be uncomfortable with the extent to which luck ..'
- From: Majdi S. Abbas
- Date: Wed Jul 25 17:23:46 2001
On Wed, Jul 25, 2001 at 02:45:44PM -0400, David Shaw wrote:
> telnetd is not inherently bad. It is a tool that is lacking the
> session encryption and strong authentication features of SSH, but is
> still useful in some cases. Like any tool it can be used poorly, but
> that is not the fault of the tool.
Agreed.
> For example, when traveling, I can log in securely from any random
> Internet cafe using OPIE or S/Key one-time passwords via telnet. SSH
> requires that you trust your local machine, and OPIE assumes that you
> don't.
Incorrect. OPIE assumes complete trust of your local machine,
but not the network. You still have to generate the hashes using your
password.
--msa
|
