North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: telnet vs ssh on Core equipment , looking for reasons why ?

  • From: Ariel Biener
  • Date: Tue Jul 31 18:44:09 2001

On Tue, 31 Jul 2001, Dave Israel wrote:

> 2) Your vendor's ssh authentication creates a secure connection, and
>  transfers the password securely, only to then send the password,
>  unencrypted, to an authentication server for verification, making
>  ssh moot.

Use local AAA users. Of course, this doesn't scale well if you have 200
routers.

--Ariel

--Ariel
> 
> -Dave
> 
> On 7/31/2001 at 11:54:38 -0400, Daniel Golding said:
> >
> > I believe that folks are having problems saying why they use SSH instead of
> > telnet, because the best practice is simply so self-evident.
> >
> > SSH gives you a measure of protection against bad people sniffing out your
> > passwords. Telnet does not. SSH is encrypted. Telnet is not. It's pretty
> > easy - only use telnet if you must. Use SSH if you possible can. Of course,
> > this also holds true for using scp instead of ftp, although scp isn't as
> > widely supported, yet.
> >
> > - Daniel Golding
> >
> > > -----Original Message-----
> > > From: [email protected] [mailto:[email protected]]On Behalf Of
> > > Mr. James W. Laferriere
> > > Sent: Tuesday, July 31, 2001 11:25 AM
> > > To: [email protected]
> > > Subject: Re: telnet vs ssh on Core equipment , looking for reasons why ?
> > >
> > >
> > >
> > >
> > > 	Hello All ,Thank you for the disertations & insight into the
> > > 	possible methods of compromising an authentication attempt .
> > >
> > > 	But , I am really interested more in 'Why' each responsible
> > > 	indidvual(s) chose either telnet or ssh to manager their Core
> > > 	equipment .
> > >
> > > 	ssh
> > > 	1 )	Has been the encrypted authentication .
> > >
> > > 	telnet
> > > 	1 )	Has been legacy OS's / Equipment olny supporting telnet .
> > >
> > > On Tue, 31 Jul 2001, Mr. James W. Laferriere wrote:
> > > > 	Hello All ,I have charged myself with trying to find a statistic
> > > > 	on how many individuals responsible for IP core equipment
> > > > 	recommend telnet or ssh & why particularly .I will summarize .
> > >
> > > 		Tia ,JimL
> > >
> > > +------------------------------------------------------------------+
> > >      | James   W.   Laferriere | System    Techniques | Give me
> > > VMS   |
> > >      | Network        Engineer |     P.O. Box 854     |  Give
> > > me Linux|
> > >      | [email protected] | Coudersport PA 16915 |   only
> > > onAXP |
> > >
> > > +------------------------------------------------------------------+
> > >
> >
> >
> 
> --
> Dave Israel
> Senior Manager, IP Backbone
> Intermedia Business Internet
> 

--
Ariel Biener
e-mail: [email protected]
PGP(6.5.8) public key http://www.tau.ac.il/~ariel/pgp.html