Re: rlogin vs telnet

Mark Hahn (hahn@coffee.psychology.mcmaster.ca)
Wed, 26 May 1999 21:10:25 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Derrick J Brashear: "Re: configuring a bridge/router?"
Previous message: Denis Voitenko: "sendmail vs. qmail?"

> > >From the user's point of view there is actually not much difference
> > except the r* feature of allowing remote login (or remote execution or
> > copy) without the password. If you use this, be sure that you *really*
> > trust the hosts you allow access from.

whenever rlogin or telnet are mentioned, it's critical to point
out that THEY SHOULD NEVER BE USED! (almost) any time you find
yourself typing your password over the net, alarm bells should
go off. yes, it could be that all the machines on the net(s)
involved are trusted, but that's rarely the case.

protocols such as ssh deliver all the functionality of rlogin/sh/cp,
with none of the inherent insecurity. telnet isn't even installed
on most of my machines; sadly, some admins of, for instance, campus
mailservers, are ignorant of security concerns.

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Derrick J Brashear: "Re: configuring a bridge/router?"
Previous message: Denis Voitenko: "sendmail vs. qmail?"