[13293] in Athena Bugs
Re: telnet
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Mon Mar 6 17:11:38 1995
Date: Mon, 6 Mar 1995 17:11:30 +0500
From: Theodore Ts'o <tytso@MIT.EDU>
To: John Hawkinson <jhawk@MIT.EDU>
Cc: Chris Shabsin <shabby@MIT.EDU>, bugs@MIT.EDU, brlewis@MIT.EDU
In-Reply-To: John Hawkinson's message of Mon, 6 Mar 1995 15:42:09 -0500,
<9503062042.AA14950@m2-225-3.MIT.EDU>
> Date: Mon, 6 Mar 1995 15:42:09 -0500
> Cc: bugs@MIT.EDU, brlewis@MIT.EDU, tytso@MIT.EDU
> From: John Hawkinson <jhawk@MIT.EDU>
> > It's impossible to get a telnet connection that is encrypted but
> > unauthenticated, as near as I can tell.
> This is largely correct. It is, however, not an implementational
> deficiency, but it is a protocol bug/issue.
> It rests upon the fact that you cannot obtain a telnet connection with
> encryption without obtaining one with authentication, and the
> telnet authentication option is overloaded to mean two things:
> 1) Exchange authentication information to prove who I am
> 2) Perform "autologin" as the person who provided the auth data.
That's not why you must have authentication to get encryption. The
reason why you need to have authentication before you can negotiate the
encryption option is because, at least for Kerberos, the key for the
encryption is derived from the session key obtained as part of the
authentication step.
This was a conscious decision that isn't likely to be changed, since if
you decouple authentication and encryption, then if you want to do both,
you would need two redundant Kerberos authentication exchanges.
- Ted
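The dependency Ted describes, as an added toy model that is not part of this thread and not the actual telnet or Kerberos code: ENCRYPT has no key material of its own, so it cannot be negotiated until AUTHENTICATION has produced a Kerberos session key, while the "autologin" half of AUTHENTICATION is a separate flag. The KDC table, the principal name, the HMAC-based key derivation and the exchange counter are constructed assumptions used only to make the protocol ordering and the "two redundant exchanges" cost of a decoupled design visible.

```python
"""Toy model of the telnet AUTHENTICATION / ENCRYPT coupling (constructed)."""
import hashlib
import hmac
import os


class ProtocolError(Exception):
    """Raised when an option is negotiated out of order."""


# Constructed stand-in for the KDC database: principal -> long-term key.
KDC_KEYS = {"user@ATHENA.MIT.EDU": b"constructed-long-term-key"}


class TelnetSession:
    """What a simulated telnet server learns during option negotiation."""

    def __init__(self):
        self.principal = None        # who the AUTHENTICATION exchange proved
        self.session_key = None      # Kerberos session key from that exchange
        self.encryption_key = None   # key the ENCRYPT option ends up using
        self.autologin = False       # the second, overloaded meaning of AUTHENTICATION
        self.kerberos_exchanges = 0  # round trips to the KDC this session paid for

    def _kerberos_exchange(self, principal):
        """Simulated Kerberos exchange yielding a fresh session key (constructed)."""
        if principal not in KDC_KEYS:
            raise ProtocolError("unknown principal")
        self.kerberos_exchanges += 1
        nonce = os.urandom(16)
        return hmac.new(KDC_KEYS[principal], nonce, hashlib.sha256).digest()

    def negotiate_authentication(self, principal, autologin=True):
        """AUTHENTICATION option: prove identity, optionally log in as it."""
        self.session_key = self._kerberos_exchange(principal)
        self.principal = principal
        self.autologin = autologin

    def negotiate_encrypt(self, key_material=None):
        """ENCRYPT option: only works if some Kerberos exchange supplied a key."""
        key = key_material if key_material is not None else self.session_key
        if key is None:
            raise ProtocolError("ENCRYPT has no key: AUTHENTICATION has not run")
        # The KDF here is an assumption; the point is the dependency, not the KDF.
        self.encryption_key = hmac.new(key, b"telnet-encrypt", hashlib.sha256).digest()


def encrypt_without_auth():
    """Request ENCRYPT on a fresh session; returns whether that succeeded."""
    s = TelnetSession()
    try:
        s.negotiate_encrypt()
    except ProtocolError:
        return False
    return True


def coupled_design(principal="user@ATHENA.MIT.EDU"):
    """Current design: one Kerberos exchange feeds both identity and encryption.
    autologin=False shows login and encryption are separable even so."""
    s = TelnetSession()
    s.negotiate_authentication(principal, autologin=False)
    s.negotiate_encrypt()
    return s


def decoupled_design(principal="user@ATHENA.MIT.EDU"):
    """Hypothetical decoupled design: ENCRYPT runs its own Kerberos exchange,
    so a session that wants both identity and encryption pays for two."""
    s = TelnetSession()
    s.negotiate_authentication(principal)
    s.negotiate_encrypt(key_material=s._kerberos_exchange(principal))
    return s


if __name__ == "__main__":
    print("encrypted-but-unauthenticated possible:", encrypt_without_auth())
    print("coupled design KDC exchanges:", coupled_design().kerberos_exchanges)
    print("decoupled design KDC exchanges:", decoupled_design().kerberos_exchanges)
```

Running it shows the three facts from the thread side by side: ENCRYPT alone fails, the coupled design needs one KDC exchange for both properties, and a decoupled design would need two.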