Matt, why did you choose to implement your own protocol instead of adding a DH authentication/encryption type to telnet?
Marc
I've got one of those, too (it won't be ready for release too soon, though - telnet is big and ugly). An encrypting telnet and telnetd almost always provide a more appropriate way to do session encryption. However, there are some situations where ESM is really the only option. One is when you can't or don't want to install a daemon (e.g., for very occasional use). More importantly, by running within the session, ESM can provide end-to-end encryption across an untrusted application-layer firewall (like the one I go through to get between home and work). Since part of my motivation for working on these tools comes from wanting to use them myself, I'm building the stuff I need the most first.
-matt