From owner-freebsd-security Mon Jun 24 21:23: 1 2002 Delivered-To: freebsd-security@freebsd.org Received: from CPE0004761ac738-CM00109515bc65.cpe.net.cable.rogers.com (CPE0004761ac738-CM00109515bc65.cpe.net.cable.rogers.com [24.103.39.131]) by hub.freebsd.org (Postfix) with SMTP id ADF9437B400 for ; Mon, 24 Jun 2002 21:22:54 -0700 (PDT) Received: (qmail 77141 invoked by uid 1001); 25 Jun 2002 04:23:13 -0000 Date: Tue, 25 Jun 2002 00:23:13 -0400 From: Miroslav Pendev To: security@freebsd.org Subject: The good old telnet... Message-ID: <20020625042313.GA75674@CPE0004761ac738-CM00109515bc65.cpe.net.cable.rogers.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Divine-Shadow-Zone: Beware of Lexxx! X-Operating-System: FreeBSD 4.6 User-Agent: Mutt/1.5.1i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi All! The discussion for SSH is ... Oh Boy!!! :-> Thank you guys from _core_ for your opinion! I think it is the right! I am nobody to 'think' 'bout that, but... anyway... It is NOT good all UNIX OS-es to depend on just one [OpenSSH] 'team'!!! The SSH is is pretty much on every server in the NET, this team have 'The Power' ... to rules... in case like this. ;-/ And I do not think this is gonna be the latest ssh 'bug', because it is very attractive target (together with Apache) I would rather get back to the good old telnet, than waiting for someone to log in - even with non-privileged user (as Theo said even with privsep). Which is the worst - clear text pass going around Internet with milions of POP3 clear text passwords or "c'mon in...? Please, do not missunderstand me, I would like to use SSH instead of telnet, but... I am FreeBSD user and I trust in FreeBSD core team, not somebody else... until the 'patch' is released *when the moon is in capricorn* telnet may not be such a bad idea ;-) --Miro To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message