Re: Secure Telnet



jhall@xxxxxxxxxxxxxx wrote:
I am working with one of my vendors and they are asking for a secure
telnet program on my FreeBSD box.


fbsd06@xxxxxxxxxxxxxxxxxxx wrote:

> What's wrong with ssh?

Indeed. Perhaps you can tell us what client the vendor is using; it
seems likely that most programs that do "secure telnet" will also talk
to sshd. If they're using Windows (most likely) and don't have a
particular "must use" client, PuTTY is fine, and does SSH and telnet
pretty well.

Can anyone recommend a port for the secure telnet program, or a source
where I can obtain one?

Interestingly enough, if you take a look at the Makefile in
src/libexec/telnetd/ it seems to indicate that FreeBSD's telnetd is
compiled with SSL support; you might attempt telnet from within the BSD
box and see if it works, as telnet(1) seems to indicate that data is
encrypted by default. Grab packets and see if you can read things like
passphrases ;-) [1]

I was able to make rlogin work (from my laptop), but I was not able to
use rlogin from the FreeBSD box since I need to connect to a non-standard
port (2002).

Interesting choice of numbers; ssh is port 22. Are you sure they're not
open to using ssh?

As an alternative, is it possible to make the rlogin client
connect to a non-standard port?

I wouldn't think of rlogin as an alternative, and, no, the manpage
doesn't seem to indicate this. Also, unless this system isn't publicly
available (and the need for "secure telnet" from a "vendor" seems to
indicate that this isn't the case), you shouldn't allow rlogin; once
again, ssh can do anything rlogin/rsh can, and do it with encryption.

Kevin Kinsey
DaleCo, S.P. (Jasper, MO!!! Hi!)

[1] Keep in mind that there **must** be a reason why SSH is preferred
over telnet, even if telnet supports SSL/Kerberos/TLS/Whatever, and
encourage the use of ssh from your vendor if possible.

--
Progress is impossible without change, and those who
cannot change their minds cannot change anything.
-- George Bernard Shaw



Thanks. I'll see if there is the "preferred method", and ssh is an
alternative.


Jay

_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
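
Added example, not part of the original thread: one way to carry out the "grab packets" check suggested above, once the bytes of one direction of a telnet session have been extracted from a capture. It separates telnet option negotiation from user data and reports whether encryption was started and what text a passive observer can read. The function names and the sample bytes are constructed for illustration; the option codes are the standard telnet ones (AUTHENTICATION 37, ENCRYPT 38, START_TLS 46).

```python
import re

# Telnet command bytes (RFC 854) and the security-related option codes.
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
VERBS = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}
SECURITY_OPTS = {37: "AUTHENTICATION", 38: "ENCRYPT", 46: "START_TLS"}
ENCRYPT_START = 3  # ENCRYPT suboption command meaning "ciphertext follows" (RFC 2946)

def split_telnet(stream):
    """Split one direction of a telnet byte stream into (events, user_data)."""
    events, data, i, n = [], bytearray(), 0, len(stream)
    while i < n:
        if stream[i] != IAC:
            data.append(stream[i]); i += 1
            continue
        if i + 1 >= n:
            break                              # truncated capture
        cmd = stream[i + 1]
        if cmd == IAC:                         # escaped 0xFF data byte
            data.append(IAC); i += 2
        elif cmd in VERBS:                     # IAC WILL/WONT/DO/DONT <opt>
            if i + 2 >= n:
                break
            events.append((VERBS[cmd], stream[i + 2], None)); i += 3
        elif cmd == SB:                        # IAC SB <opt> ... IAC SE
            j = i + 3
            while j + 1 < n and not (stream[j] == IAC and stream[j + 1] == SE):
                j += 2 if stream[j] == IAC else 1
            if j + 1 >= n:
                break
            sub = stream[i + 3] if j > i + 3 else None
            events.append(("SB", stream[i + 2], sub)); i = j + 2
        else:
            i += 2                             # other two-byte commands (NOP, GA, ...)
    return events, bytes(data)

def assess(stream):
    """Summarise what a passive observer of this stream learns."""
    events, data = split_telnet(stream)
    named = lambda verbs: {SECURITY_OPTS[o] for v, o, _ in events
                           if v in verbs and o in SECURITY_OPTS}
    started = ("SB", 38, ENCRYPT_START) in events
    readable = [m.decode() for m in re.findall(rb"[\x20-\x7e]{4,}", data)]
    return {"offered": named(("WILL", "DO")), "refused": named(("WONT", "DONT")),
            "encrypt_started": started, "readable": readable,
            "cleartext": bool(readable) and not started}

# Constructed client-to-server bytes: ENCRYPT refused, then a typed login.
SAMPLE = (bytes([IAC, WONT, 38, IAC, WILL, 24, IAC, SB, 24, 0]) + b"xterm"
          + bytes([IAC, SE]) + b"jay\r\nconstructed-passphrase\r\n")
```

An ENCRYPT or START_TLS offer alone does not mean the session is protected; the result only counts encryption as active when an ENCRYPT START suboption is seen.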


