I think, rsh is quite obsolete
Chris Adams
cmadams at hiwaay.net
Thu Nov 9 02:38:58 UTC 2006
Once upon a time, Dave Jones <davej at redhat.com> said:
> On Wed, Nov 08, 2006 at 06:48:46PM -0600, Chris Adams wrote:
> > I have needed telnet-server a few times when trying to debug when
> > connecting from network gear (no ssh in most).
>
> hmm, would they have had rsh?
Old Ciscos have telnet, rsh, and tftp. Rsh is a step up in security
from tftp.
> > Also, where we allow
> > shell access to web hosting customers, we still allow telnet (most of
> > them are on Windows and it only includes a telnet client).
>
> by default yes, but there are a number of good free windows ssh clients.
I know (and I use them when I have to use Windows), but we are talking
about customers. We have had some that can't figure out how to upload
their site so they bring it to us on a CD, but they can follow a
"friend's" instructions on how to install this neat-o counter CGI that
say "telnet www.mydomain.com".
> > Both telnet and rsh (client and server) are stable packages with few
> > security issues historically.
>
> security-wise, they are inherently broken by design in that they transmit
> everything in cleartext.
Well, if that is the sole reason to remove them, there are a bunch of
other things that do the same. Are all of them going to go? Will HTTP
simple authentication be disabled in Apache?
What about when such protocols are used over IPSec (or even an ssh
tunnel)?
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the fedora-devel-list
mailing list