On Sat, 17 Jun 2006 23:45:43 +0200 Alexander Skwar wrote: > Mick wrote: > > On 17/06/06, Raymond Lewis Rebbeck <[EMAIL PROTECTED]> wrote: > > > >> You cannot use an ssh client in this manner. > >> > >> If you want a telnet client, emerge either netkit-telnetd or telnet-bsd. > > > > Thanks for all the replies. I had not emerged telnet so far because > > of potential security reasons. Is netcat better in that respect? > > I actually know of no security problems with telnet. To which > are you referring (note: telnet, not telnetd)? > > Alexander Skwar
I think this thread needs clarification (not specifically you Aleaxander) The problem with the telnet is mainly plain text passwords - your login to a telnet server is plain text and easily snooped. But using telnet to connect to a smtp server or web server for testing purposes poses no threats. If you have to pass plain text credentials via telnet (eg to log in to a pop or imap server) then the risk is exactly the same as when your email client passes a plain text password to the imap or pop server. In both cases it can be snooped. If the service you want to log into is protected with an ssl wrapper then tuse the openssl program to log in. For example to connect to my imap server (from the same machine) openssl s_client -host localhost -port 993 openssl responds with a whole lot of info about the certificate and so on then you can type away just like a telnet session (but encrypted) eg: [EMAIL PROTECTED] ~ $ openssl s_client -host localhost -port 993 (openssl spews out a whole lot of stuff about the certificate) Then the imap server's opening greeting: * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information. Then I type (responses are marked >> for clarity: 1 login nick xxxxxxxx >>1 OK LOGIN Ok. 2 logout >>* BYE Courier-IMAP server shutting down >>2 OK LOGOUT completed This is exactly the exchange I get if I telnet to the non ssl port 143, except telnet to port 143: 1. doesn't do a key exchange etc 2. is plain text and snoopable. > -- > [email protected] mailing list -- Nick Rout <[EMAIL PROTECTED]> -- [email protected] mailing list
