> ssh -c 'none' should allow you to login to a machine while providing secure
> authentication (it is intended as a secure replacement for rlogin and rsh).
> With the 'none' option, it does not encrypt the data stream. Make sure
> you configure things properly - it appears that passwords are still sent
> in the clear (so you will want to use an rhosts file to avoid the need for
> passwords).
BS> How is this any better than telnet? If you're going to do
BS> this, use a public key authentication system, which would
BS> prevent the password crossing the wire by using a
BS> challenge/response system. Since I believe the challenge is
BS> plaintext, and is then encrypted using the private key, and
BS> anyone can decrypt it using the public key, it should pass
BS> US requirements.
By default, SSH will prefer RSA public-key authentication if available. It can
also be configured to require RSA authentication, failing the connection
instead of reverting to insecure password exchange when RSA is not available.
-- Mike