[HECnet] Telnet/SSH attacks
Dave McGuire
mcguire at neurotica.com
Wed Nov 27 08:31:55 PST 2013
On 11/27/2013 11:26 AM, Ian McLaughlin wrote:
Encrypted telent? I am intrigued...
The Telnet protocol itself isn't encrypted - passwords are in
cleartext. Running telnet inside an SSH tunnel is different...
The Telnet protocol itself makes no promises about the presence OR
absence of encryption, and it has a very flexible do/don't/will/won't
option negotiation protocol. Kerberos-enabled telnet, in particular,
allows for automatic authentication and/or stream encryption, with
either enabled or disabled on an invocation-by-invocation basis.
This is far from new. I have been using it for over twenty years.
-Dave
--
Dave McGuire, AK4HZ
New Kensington, PA
More information about the Hecnet-list
mailing list