From owner-freebsd-isp  Fri Nov 13 15:51:37 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA22337
          for freebsd-isp-outgoing; Fri, 13 Nov 1998 15:51:37 -0800 (PST)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from aniwa.sky (p17-nas1.wlg.ihug.co.nz [216.100.145.17])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA22332
          for <freebsd-isp@FreeBSD.ORG>; Fri, 13 Nov 1998 15:51:33 -0800 (PST)
          (envelope-from andrew@squiz.co.nz)
Received: from localhost (andrew@localhost)
	by aniwa.sky (8.8.8/8.8.7) with SMTP id MAA00943;
	Sat, 14 Nov 1998 12:50:54 +1300 (NZDT)
	(envelope-from andrew@squiz.co.nz)
Date: Sat, 14 Nov 1998 12:50:47 +1300 (NZDT)
From: Andrew McNaughton <andrew@squiz.co.nz>
X-Sender: andrew@aniwa.sky
Reply-To: andrew@squiz.co.nz
To: Andy Farkas <andyf@speednet.com.au>
cc: freebsd-isp@FreeBSD.ORG
Subject: Re: no more telnet
In-Reply-To: <Pine.BSF.4.05.9811140105060.6128-100000@backup.zippynet.iol.net.au>
Message-ID: <Pine.BSF.4.01.9811141240570.685-100000@aniwa.sky>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, 14 Nov 1998, Andy Farkas wrote:

> > Installing ssh won't save you a trip to the console if it's currently
> > required, since you need access before you can install ssh.  Once you're
> > back up though you might consider installing ssh and running it as a
> > daemon, (not through inetd) so that it acts as a backup access method in
> > case your problem returns.
> > 
> > Andrew McNaughton
> > 
> 
> Are you suggesting that I replace telnetd with ssh??  Seeing as how I am
> the only one that has shell access ... sounds .. secure...


What I was suggesting is that if you have a problem with telnet and that
fixing it requires a trip to a remotely located machine, then you might
want a backup access method other than telnet.  Ssh has security
advantages but the redundancy (ie leave telnet in) is what I was
suggesting might be useful in your current situation.

I routinely use ssh rather than telnet, but I still have telnet there as a
fallback.

Ssh installs cleanly and easily from the standard sources.  It won't take
you long to get going.

Security is not the issue you've raised, but in so far as you're concerned
about sniffers, it's worth keeping in mind that the number of users is a
minor security issue compared to sending your root password in clear text.

Andrew McNaughton


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message