Re: secure router access

North American Network Operators Group

Re: secure router access

From: Dean Anderson
Date: Fri May 15 02:05:11 1998

At 12:21 AM -0400 5/15/98, Perry E. Metzger wrote:
>URL or no, I've played with both kerberized NCSA telnet and SSH --
>anyone who claims that setting up and maintaining a KDC is as easy as
>the "point and shoot" rlogin replacement portion of SSH hasn't really
>tried both possibilities. SSH is far simpler -- its almost foolproof,
>and it requires no infrastructure commitment to run.

You still have to setup sshd and appropriate user accounts.  WRT Cisco you
would need something like Tacacs or RADIUS, which would also need to be
setup.   These aren't exactly "point and shoot" either.

If you have trouble setting up kerberos, try kerbnet from Cygnus.

I grant that Kerberos is a bit more sophisticated, and slightly more
complicated, though.

Not to mention that there is also sslTelnet.

		--Dean

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  [email protected]
           LAN/WAN/UNIX/NT/TCPIP/DCE      http://www.av8.com
           We Make IT Fly!                (617)242-3091 x246
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Follow-Ups:
- Re: secure router access Randy Bush

References:
- Re: Core router bakeoff? Michael Dillon
- secure router access Perry E. Metzger

Prev by Date: Re: Core router bakeoff?
Next by Date: Re: Zone file access
Date Index
Thread Index
Author Index
Historical