Hello. Sorry about the delay replying.
On Thu, Mar 02, 2006 at 03:11:44PM +0100, Bas Zoetekouw wrote: > telnet-ssl doesn't seem to use ssl by default, even if it is available > on the server-side. This kind of defeats the purpose of having a SSL > telnet. > > I have configured my server to only accept SSL enabled connection. > When just trying "telnet-ssl localhost", I get an error: > SSL_accept error error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown > protocol > and telnet hangs for a few seconds and then disconnects. > > Everything works perfectly if I use "telnet-ssl -z ssl localhost" > > What I would expect to happen by default, is for telnet-ssl first to try > an SSL-encrypted connection, and only fall back to a normal telnet > connection if the server doesn't support it. The problem is that there are two ways to do ssl with telnet. The way you are doing it (with -z ssl) makes a SSL connection then runs telnet over it. The other way is to make a telnet connection then use telnet option negotiation to negotiate SSL. telnet-ssl tries to negotiate SSL using telnet option negotiation and then (depending on configuration) falls back to a normal telnet connection, but needs to be explicitly told to use telnet-over-ssl. Changing the server configuration to use standard ssl-over-telnet (ie without -z ssl) should make telnet-ssl work as expected. regards, Ian. -- Ian Beckwith - [EMAIL PROTECTED] - http://nessie.mcc.ac.uk/~ianb/ GPG fingerprint: AF6C C0F1 1E74 424B BCD5 4814 40EC C154 A8BA C1EA -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

