Bill.. There are a couple of problems with your scheme. 1) You have to have this daemon already running on host B. I.e., you still need to have had (at one time) access to run this daemon. Basically, this means that you (or someone) has to have had root access to BOTH hosts A and B to set this up. Unless this becomes supported software, you can't guarantee that.... 2) How do you do key distribution? If you use Kerberos, then you need to have root access on host B. Otherwise, you need some way to securely get the encryption key from A to B.... 3) How do you deal with multiple encryptions? If you have more than one client who wants to use this program, you have to trust a single process (unless you run out of inetd, which requires #1) with all the different keys for all the different users! Basically, you're better off using ktelnet/ktelnetd to do this. In either case you have the same problem with modifying the workstation. Please, don't let this discourage you, but I think you might want to think this through a little more before you jump the gun! Have a Nice Day!!! :-) -derek PGP 2 key available upon request on the key-server: pgp-public-keys@toxicwaste.mit.edu -- Derek Atkins, MIT '93, Electrical Engineering and Computer Science Secretary, MIT Student Information Processing Board (SIPB) MIT Media Laboratory, Speech Research Group warlord@MIT.EDU PP-ASEL N1NWH