From owner-freebsd-hackers Fri Dec 5 13:16:07 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id NAA09642 for hackers-outgoing; Fri, 5 Dec 1997 13:16:07 -0800 (PST) (envelope-from owner-freebsd-hackers) Received: from shell.firehouse.net (brian@shell.firehouse.net [209.42.203.45]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id NAA09588 for ; Fri, 5 Dec 1997 13:15:59 -0800 (PST) (envelope-from brian@shell.firehouse.net) Received: from localhost (brian@localhost) by shell.firehouse.net (8.8.5/8.8.5) with SMTP id QAA11519; Fri, 5 Dec 1997 16:15:39 -0500 (EST) Date: Fri, 5 Dec 1997 16:15:38 -0500 (EST) From: Brian Mitchell To: Jim Bryant cc: ircadmin@shellnet.co.uk, freebsd-hackers@FreeBSD.ORG Subject: Re: Telnet Root access In-Reply-To: <199712052035.OAA00812@unix.tfs.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Fri, 5 Dec 1997, Jim Bryant wrote: > ahem... > > why would one wish to have the root password pass over an insecure > network in plaintext form??? > > man su This is pretty dumb, as the password is _still_ passing over an insecure network in plaintext form. > > also, for most practical purposes, you should not even be using > telnet... i suggest using ssh/sshd, because no passwords, in fact > nothing in the entire session, is transmitted in plaintext. Well, some client information is transmitted in plaintext; it does that to determine what ssh capabilities the other side has.