-----BEGIN PGP SIGNED MESSAGE-----
On Thu, 7 Nov 1996, Lawrence Beobachter wrote:
> I tried tcpdump on FreeBSD and it turned out that login information
> during telnet sessions as well as USER and PASS info sent by pop-client
> are both xmitted in plain text <shudder>.
> Is there any solution besides S/Key (please, include pointers) to
> block this don't-know-how-to-call-it hole.
Have a look at SSLeay and SSLtelnet. SSL is an excellent freeware
implementation of Netscape's SSL (Secure Socket Layer) encryption
standard. SSL telnet is a patched version of telnet and telnetd which can
I have SSL telnet configured on our firewall machine to reject all
non-encrypted telnet connections.
You can get clients for Windows and unix. There are also freely available
SSLftp and a SSL version of apache.
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL (SSL library)
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps (SSL apps)
| Damien Miller -
| Email: dmiller @
sg (PGP and MIME ok)
| WWW: http://www.vitnet.com.sg/dmiller
| PGP public key: send me an email with "send file pgp_key" as the subject
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----