[755] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] SSL

daemon@ATHENA.MIT.EDU (Squawk)
Thu Jun 6 13:45:36 1996

Date: Thu, 6 Jun 1996 11:45:17 -0400 (EDT)
From: Squawk <discodan@vampire.org>
To: Jordy <jordy@aloha.com>
cc: linux-security <linux-security@tarsier.cv.nrao.edu>
In-Reply-To: <Pine.BSI.3.91.960602231508.11273E-100000@aloha.com>



On Sun, 2 Jun 1996, Jordy wrote:

> 
> I'm curious to know everyone's thoughts on the Secure Socket Layer 
> implementations for Linux. At this time, they provide Authentication and 
> integration with Keberos (if i read the SSLtelnet docs correctly) This 
> seems like a plausable solution to secure intranets and for the rest of 
> the internet community.
> 
> One thing that seems to bother me is that in the telnet daemon, it won't 
> ask for the login name if the client and daemon have authentication. I 
> guess this is a "feature", it would be a lot nicer if it used the keys 
> and the password with kerberos encryption. I think this would probably 
> fix the problem of packet sniffing of the passwords while login.

I believe (though I could be wrong on this one) that kerberos has the 
same "feature" which means when connecting across a kerberos network you 
will never see a login.  this makes it alot more convienient (alot like 
.rhosts entries but more secure)  but its mainly because the less times 
you type a  login/passwd the less times a sniffer can pick them up, even 
if its encrypted.

-Dan

home help back first fref pref prev next nref lref last post