17 Dec
2003
17 Dec
'03
11:17 p.m.
Eric Hughes says:
The reason that encrypted telnet is a good thing is that modification at the network level requires kernel modification, and encrypting a telnet does not. Installing an encrypted telnet daemon does require sysadmin cooperation, but it doesn't mean recompiling the kernel.
Although running an encrypted IP stack does require sysadmin cooperation, it does not require a kernel rebuild -- John Ioannidis has built modloadable versions of most of the swIPe software.
As such, encrypted telnet is a good intermediate while the long term solution of encrypted IP gets developed and deployed.
Agreed -- sadly its arriving VERY slowly. 4.4BSD Lite comes with a standards-compliant encrypted telnet implementation, however. Perry