John, On Thursday 08 December 2005 16:39, John Summerfield wrote:
...
I use ssh rather than telnet, rsh, rexec etc because it's more convenient. Mostly, I control the wire or go through a vpn I control.
That depends, I guess, on how you define convenience. I know of nothing about configuring or using SSH-based services that is more convenient than using plain old (non-secure) telnet. (Even if SSH-based services are taken out of the picture entirely, I still have to type several passwords many times each day, so keyed access isn't going to make my life much more convenient.)
Using ssh, I can arrange for secure passwordless authentication. That's a greate convenience I could never achieve with telnet, though I did sort of fudge it with an expect script.
I'm surprised so many very security-conscious people think that passwordless is such a good thing. Now you've made physical access to your computer all that is required to gain access to all the other hosts for which you've set up passwordless access. What's more, from the perspective of the administrators of those systems, it's you who has accessed their resources and you'll get the blame, at least initially, for any malicious actions. I don't find passwords so onerous that I've supplanted them with passwordless access. I suppose it's just another aspect of being a control freak.
...
Randall Schulz