North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: 'we should all be uncomfortable with the extent to which luck ..'
On Wed, Jul 25, 2001 at 02:45:44PM -0400, David Shaw wrote: > telnetd is not inherently bad. It is a tool that is lacking the > session encryption and strong authentication features of SSH, but is > still useful in some cases. Like any tool it can be used poorly, but > that is not the fault of the tool. Agreed. > For example, when traveling, I can log in securely from any random > Internet cafe using OPIE or S/Key one-time passwords via telnet. SSH > requires that you trust your local machine, and OPIE assumes that you > don't. Incorrect. OPIE assumes complete trust of your local machine, but not the network. You still have to generate the hashes using your password. --msa
|