telnet

[inode0]

On Tue, 08 Mar 2005 10:08:27 -0800, Rick Stevens
<rstevens at vitalstream.com> wrote:
> Rick Stevens wrote:
>
> I forgot to mention that, unless you have absolutely no choice, you
> should NEVER, EVER use telnet.  Since telnet transmits everything in
> cleartext (INCLUDING your passwords), you should never use it unless you
> can absolutely guarantee the security of your network--and even then you
> should be very, very concerned that someone is snooping your network--
> especially if there is a wireless link in it somewhere.

Good advice in general but encrypted telnet is available on RHEL and
FC distributions if you are in an environment supporting it.

> We all recommend you use ssh (secure shell), which encrypts everything
> (passwords, text, everything) using one of several different ciphers
> (typically blowfish, CAST128, 3DES or Arcfour) and guarantees integrity
> of the connection using hmac-md5 or hmac-sha1.

Agreed when you have the choice. I know of one largish environment
with between 30 and 40 thousand users where both ssh and unencrypted
telnet are unavailable in places. Encrypted telnet is your only
choice. I very much appreciate that Red Hat provides support for this.

John