Bug#354980: marked as done (telnet-ssl doesn't use ssl by default)

Debian Bug Tracking System Thu, 20 Jul 2006 17:28:55 -0700

Your message dated Fri, 21 Jul 2006 00:49:08 +0100
with message-id <[EMAIL PROTECTED]>
and subject line telnet SSL negotiation
has caused the attached Bug report to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

Package: telnet-ssl
Version: 0.17.24+0.1-9
Severity: normal

telnet-ssl doesn't seem to use ssl by default, even if it is available
on the server-side.  This kind of defeats the purpose of having a SSL
telnet.

I have configured my server to only accept SSL enabled connection.
When just trying "telnet-ssl localhost", I get an error:
SSL_accept error error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown 
protocol
and telnet hangs for a few seconds and then disconnects.

Everything works perfectly if I use "telnet-ssl -z ssl localhost"

What I would expect to happen by default, is for telnet-ssl first to try
an SSL-encrypted connection, and only fall back to a normal telnet
connection if the server doesn't support it.


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.13-rc6
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages telnet-ssl depends on:
ii  libc6                         2.3.6-2    GNU C Library: Shared libraries an
ii  libgcc1                       1:4.0.2-9  GCC support library
ii  libncurses5                   5.5-1      Shared libraries for terminal hand
ii  libssl0.9.7                   0.9.7g-5   SSL shared libraries
ii  libstdc++6                    4.0.2-9    The GNU Standard C++ Library v3

telnet-ssl recommends no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

I meant to close this when I replied, but forgot.

Closing now.

As I explained, telnet does negotiate SSL using
telnet option negotiation, but not if you tell the
server to run in raw SSL mode using -z ssl.

Ian.

-- 
Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/
GPG fingerprint: AF6C C0F1 1E74 424B BCD5  4814 40EC C154 A8BA C1EA
Listening to: Radiohead - Amnesiac - Pulk-Pull Revolving Doors

--- End Message ---

Bug#354980: marked as done (telnet-ssl doesn't use ssl by default)

Reply via email to