John, On Thursday 08 December 2005 09:02, John Summerfield wrote:
Randall R Schulz wrote:
Allen,
On Thursday 08 December 2005 08:37, Allen wrote:
Telnet is only insecure because it sends usernames and passwords in the clear and that's a bad idea over the internet because it can be snooped. However, on a LAN where you want to tinker, this is fine.
It's also not secure in that it sends _all_ the data, inbound and outbound, unencrypted.
Just like postfix, sendmail, exim, qmail, zmailer and every other MTA.
So? My point is no less valid because it applies elsewhere, too.
More people send more confidential data by unencrypted email than they do by telnet, and I don't recall anyone saying "don't use email."
More people are fools than wise, yes?
Yeah, sometimes someone mentions it's insecure, usually they don't say why, but as soon as someone mentions telnet, they say, Ooh, don't do that, it's insecure."
It's the telnet _protocol_ that lacks security features: don't blame the servers and clients for doing what the telnet STDs say they must.
I didn't think there was any blame going on here. And if you're going to take that approach, then you must acknowledge that there are secure email transfer formats that are widely implemented.
I use ssh rather than telnet, rsh, rexec etc because it's more convenient. Mostly, I control the wire or go through a vpn I control.
That depends, I guess, on how you define convenience. I know of nothing about configuring or using SSH-based services that is more convenient than using plain old (non-secure) telnet. (Even if SSH-based services are taken out of the picture entirely, I still have to type several passwords many times each day, so keyed access isn't going to make my life much more convenient.) Randall Schulz