Everyone's talking about encrypted telnet. Has anyone at least READ the Kerberos FAQ? It's been in use for a while, and, to quote...

Kerberos is a network authentication system for use on physically insecure networks, based on the key distribution model presented by Needham and Schroeder.[3] It allows entities communicating over networks to prove their identity to each other while preventing eavsdropping or replay attacks. It also provides for data stream integrity (detection of modification) and secrecy (preventing unauthorized reading) using cryptography systems such as DES.

Practically speaking, Kerberos is mostly used in application-level protocols (ISO model level 7), such as TELNET or FTP, to provide user to host security. It is also used, though less frequently, as the implicit authentication system of data stream (such as SOCK_STREAM) or RPC mechanisms (ISO model level 6). It could also be used at a lower level for host to host security, in protocols like IP, UDP, or TCP

Being more 'official' than PGP, only a totally export-safe version has got out to ftp.funet.fi. Of course, it could be possible to patch PGP or something else into Bones, as the non-encrypting Kerberos is called.

An experimental Telnet Authentication Option has been defined, and is described in RFC1416. (see also RFC1411). These RFC's only define how /authentication/ is to be performed; the standard for full encryption is still under development.

An implementation of Kerberos V4 telnet is available via anonymous ftp from ftp.uu.net, in /networking/telnet.91.03.25.tar.Z, but it predates

The IETF Common Authentication Technology Working Group is currently defining security extensions for the FTP protocol. An Internet Draft describing their work, and the source code for a modified ftp/ftpd with the extensions, are now available thumper.bellcore.com:pub/lunt/ftp.tar.Z net-dist.mit.edu:tytso/ftp-wg/ftp.tar.Z

----------------------------------------------------------------------- Rishab Aiyer Ghosh "What is civilisation rishab@doe.ernet.in, rishab@dxm.ernet.in but a ribonucleic Voicemail +91 11 3760335; Vox/Fax/Data 6853410 hangover?" H-34C Saket New Delhi 110017 INDIA -----------------------------------------------------------------------