From owner-freebsd-security  Sun Feb 26 21:22:11 1995
Return-Path: security-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id VAA28379 for security-outgoing; Sun, 26 Feb 1995 21:22:11 -0800
Received: from localhost (localhost [127.0.0.1]) by freefall.cdrom.com (8.6.9/8.6.6) with SMTP id VAA28196; Sun, 26 Feb 1995 21:20:35 -0800
X-Authentication-Warning: freefall.cdrom.com: Host localhost didn't use HELO protocol
To: Mike Grupenhoff <kashmir@umiacs.UMD.EDU>
cc: Peter da Silva <peter@bonkers.taronga.com>, hackers@freefall.cdrom.com,
        security@freefall.cdrom.com
Subject: Re: key exchange for rlogin/telnet services? 
In-reply-to: Your message of "Sun, 26 Feb 95 22:07:29 EST."
             <Pine.BSD.3.91.950226220419.1846b-100000@snarf.dorm.umd.edu> 
Date: Sun, 26 Feb 1995 21:20:34 -0800
Message-ID: <28195.793862434@freefall.cdrom.com>
From: "Jordan K. Hubbard" <jkh@freefall.cdrom.com>
Sender: security-owner@FreeBSD.org
Precedence: bulk

> It still sounds like you only need your passwords protected.  Wouldn't 
> s/key be enough for this?  The s/key hooks in 2.0 work very well for me.

I won't have control over all the sites I want to use.  Encrypting my
entire session gives me much more flexibility over what I can do
during that session, and it means I only have to really have it set up
on two reasonably secure hosts to buy a large measure of security for
that "first hop" I've so little control over.  I have considered S/key
and the other currently available options.  They're truly
insufficient.


					Jordan