From owner-freebsd-security  Sun Feb 26 19:10:03 1995
Return-Path: security-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id TAA21260 for security-outgoing; Sun, 26 Feb 1995 19:10:03 -0800
Received: from snarf.dorm.umd.edu (snarf.dorm.umd.edu [129.2.140.2]) by freefall.cdrom.com (8.6.9/8.6.6) with ESMTP id TAA21193; Sun, 26 Feb 1995 19:08:26 -0800
Received: by snarf.dorm.umd.edu (8.6.10/8.6.10)
	id WAA23644; Sun, 26 Feb 1995 22:07:30 -0500
Date: Sun, 26 Feb 1995 22:07:29 -0500 (EST)
From: Mike Grupenhoff <kashmir@umiacs.UMD.EDU>
X-Sender: kashmir@snarf.dorm.umd.edu
To: "Jordan K. Hubbard" <jkh@freefall.cdrom.com>
cc: Peter da Silva <peter@bonkers.taronga.com>, hackers@freefall.cdrom.com,
        security@freefall.cdrom.com
Subject: Re: key exchange for rlogin/telnet services? 
In-Reply-To: <16925.793850098@freefall.cdrom.com>
Message-ID: <Pine.BSD.3.91.950226220419.1846b-100000@snarf.dorm.umd.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: security-owner@FreeBSD.org
Precedence: bulk

On Sun, 26 Feb 1995, Jordan K. Hubbard wrote:

> Sorry, but this still just doesn't do it for me.  I will be doing
> other logins within that session, or often need to `su' to do system
> repair work.  I need the session entirely encrypted from the first
> couple of handshakes.  From all indications, this diffie-hellman thing
> is the way to go!

It still sounds like you only need your passwords protected.  Wouldn't 
s/key be enough for this?  The s/key hooks in 2.0 work very well for me.

mike