secure router access

Dean Anderson dean at av8.com
Fri May 15 05:58:50 UTC 1998


At 12:21 AM -0400 5/15/98, Perry E. Metzger wrote:
>URL or no, I've played with both kerberized NCSA telnet and SSH --
>anyone who claims that setting up and maintaining a KDC is as easy as
>the "point and shoot" rlogin replacement portion of SSH hasn't really
>tried both possibilities. SSH is far simpler -- its almost foolproof,
>and it requires no infrastructure commitment to run.

You still have to setup sshd and appropriate user accounts.  WRT Cisco you
would need something like Tacacs or RADIUS, which would also need to be
setup.   These aren't exactly "point and shoot" either.

If you have trouble setting up kerberos, try kerbnet from Cygnus.

I grant that Kerberos is a bit more sophisticated, and slightly more
complicated, though.

Not to mention that there is also sslTelnet.

		--Dean


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  dean at av8.com
           LAN/WAN/UNIX/NT/TCPIP/DCE      http://www.av8.com
           We Make IT Fly!                (617)242-3091 x246
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++





More information about the NANOG mailing list