1994-03-04 - Re: How to do encrypted telnet without being root (tutorial, includes src)

Header Data

From: gtoal@an-teallach.com (Graham Toal)
To: jef@ee.lbl.gov
Message Hash: 090c2b9dc03c51848f161111a8cca611b9821797da4beee56a4a9229c3f2316a
Message ID: <199403041657.QAA29092@an-teallach.com>
Reply To: N/A
UTC Datetime: 1994-03-04 16:57:41 UTC
Raw Date: Fri, 4 Mar 94 08:57:41 PST

Raw message

From: gtoal@an-teallach.com (Graham Toal)
Date: Fri, 4 Mar 94 08:57:41 PST
To: jef@ee.lbl.gov
Subject: Re: How to do encrypted telnet without being root (tutorial, includes src)
Message-ID: <199403041657.QAA29092@an-teallach.com>
MIME-Version: 1.0
Content-Type: text/plain


	That's quite interesting, but it sure looks like it's unable to
	encrypt the only part of the session that I really want to encrypt:
	the password.
	---
	Jef

True - that's why I suggested using one-time passwords before you
get to that stage.  I'm using s/key myself.  If you can't install
s/key checking in login, you can use an s/key shell as a user
process (assuming you can change your shell that is).

By the way, S/Key *doesn't* need an intelligent card - you can do
what I do and print off 100 passwords small on a credit-card slip.
I fetched it as soon as I discovered this.  It's not a perfect
system but it helps.

G





Thread