> Andrew H. Fagg wrote:
>
> > ssh -c 'none' should allow you to login to a machine while providing
> > secure authentication (it is intended as a secure replacement for
> > rlogin and rsh). With the 'none' option, it does not encrypt the data
> > stream. Make sure you configure things properly - it appears that
> > passwords are still sent in the clear (so you will want to use an
> > rhosts file to avoid the need for passwords).
>
> How is this any better than telnet?
Using .rhosts or .shosts means you don't have to use any passwords. Just
like in rlogin. If you set up rlogin with /etc/hosts.equiv or .rhosts
file anyone can still fake your ip address but SSH always gives you RSA
based _host_ authentication so this is more secure than rlogin (just make
sure that rlogin, rsh & co. are disabled in inetd.conf). And of
course better than telnet because there is no password to be sent in
the clear.
Anyway I use the RSA based user authentication option which I think is the
best thing to do. With compression enabled it's almost usable over packet
radio...
-- --- Tomi Manninen / arc@vk.se / OH2BNS @ OH2RBI.FIN.EU ---