I've been using a program I wrote called deslogin which I last released
on ftp.uu.net about six months ago. The recent CERT advisory has caused a
flood of inquiries to me about my program and I'm preparing a new release
as a result.
A couple of questions come to mind. Is telnet's encryption
option widely available, and separately, is a secure challenge/response
authentication protocal used for it now? I originally wrote the program
to provide a secure un-tappable/hijackable connection between two secure
hosts across a highly insecure network.
If telnet does not, I'm trying to get an idea of how many people have used
or wish to use deslogin. In the past, portability has been a problem, and
I'm seeking to improve it substantially. I'm seeking advice and
assistance particularly from people very familiar with the recent state
of the various standards as the documentation I have applies only to POSIX 1.
Please respond by email to barrett @
edu with any
comments (or flames). I'd be very appreciative of your comments.
David A. Barrett