[cryptography] preventing protocol failings

Andy Steingruebl andy at steingruebl.com
Tue Jul 12 19:04:45 EDT 2011


On Tue, Jul 12, 2011 at 3:56 PM, Ian G <iang at iang.org> wrote:

> The SSH-vs-telnet example was back in the mid-90s where there were two
> alternatives:  secure telnet and this new-fangled thing called SSH.

The way it for for everyone I knew that went through it was:

1. Sniffing was sort of a problem, but most people didn't care
2. Telnet was quite a bit of a pain, especially when using NAT, and
wanting to do X11 forwarding
3. Typing in your password again and again over telnet (which did have
advantages over rlogin/rsh) was a pain.

Enter SSH.  It solved #1, but the big boon to sysadmins to figure it
out and installed it was that it *really* solved #2 and #3, hence
major adoption.  I know this wasn't the case for everyone to adopt it,
some people did it purely for security reasons.  That said, the major
threat was the passive attacker, the person running a sniffer on some
network.  Against them SSH was incredibly effective.

- Andy



More information about the cryptography mailing list