Mailinglist Archive: opensuse-security (138 mails)

Re: [suse-security] Re: Why Install Telnet by Default?
  • From: Randall R Schulz <rschulz@xxxxxxxxx>
  • Date: Thu, 8 Dec 2005 17:02:18 -0800
  • Message-id: <200512081702.18327.rschulz@xxxxxxxxx>

On Thursday 08 December 2005 16:39, John Summerfield wrote:
> ...
> >> I use ssh rather than telnet, rsh, rexec etc because it's more
> >> convenient. Mostly, I control the wire or go through a vpn I
> >> control.
> >
> > That depends, I guess, on how you define convenience. I know of
> > nothing about configuring or using SSH-based services that is more
> > convenient than using plain old (non-secure) telnet. (Even if
> > SSH-based services are taken out of the picture entirely, I still
> > have to type several passwords many times each day, so keyed access
> > isn't going to make my life much more convenient.)
> Using ssh, I can arrange for secure passwordless authentication.
> That's a great convenience I could never achieve with telnet, though
> I did sort of fudge it with an expect script.

I'm surprised so many very security-conscious people think that
passwordless is such a good thing. Now you've made physical access to
your computer all that is required to gain access to all the other
hosts for which you've set up passwordless access. What's more, from
the perspective of the administrators of those systems, it's you who
has accessed their resources and you'll get the blame, at least
initially, for any malicious actions.

I don't find passwords so onerous that I've supplanted them with
passwordless access. I suppose it's just another aspect of being a
control freak.

> ...

Randall Schulz
