Regarding root access to telnet

Ed Wilts ewilts at ewilts.org
Wed Feb 22 20:35:45 UTC 2006


On Wed, Feb 22, 2006 at 10:21:42AM -0800, Tobias Speckbacher wrote:
> However, it is not that telnet as a service is inherently insecure,
> however, the protocol is. (software vs. network, I am sure someone is
> going to take this out of context)
> 
> The main concern regarding telnet is the transmission of data in clear
> text.  This means anyone in between you and the server can
> intercept/alter session data, making it trivial to sniff passwords or
> perform other malicious activities with your session.

The distiction is actually quite important.  If I wanted to open up root
telnet access on my home network, there would be no security
vulnerability doing so - the only people with physical access to the
network are my wife and I, so sniffing just isn't going to happen.  I
think I'd notice if a stranger walked into my spare room and plugged in
to my switch :-)

> As it is using anything less than ssh in my opinion is a severe
> violation/disregard of best practices.

Sometimes there are business reasons for using telnet (sigh...) but yes,
ssh is a best practise.  Even at home, I use ssh between my internal
systems.  On a couple of key systems at work, I even threw out openssh
in favor of the Tectia SSH server because of security reasons.

        .../Ed

-- 
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts at ewilts.org
Member #1, Red Hat Community Ambassador Program




More information about the redhat-list mailing list