telnet vs ssh on Core equipment , looking for reasons why ?

fingers fingers at
Tue Jul 31 13:56:08 UTC 2001


> true, but i would point out that if its your core equipment that you are
> accessing from your network that sits directly on the core then you should
> be happy with the fact that no one is eavesdropping and it makes no
> difference.

not everyone has out-of-band networks for management. Management of
devices is sometimes done thousands of miles away. Remember also that this
traffic can be sniffed before it gets to the core (yes, ssh is sniffable
aswell, but just not as easily, and atleast it's not in plaintext)

> so thats my main logic, authentication... i cant understand the big
> paranoia on people sniffing tho!

unfortunately ssh is just as sniffable if it's an arp spoof, but hopefully
it's not as easy for the naughty eavesdropper to get into the right
position for that....


More information about the NANOG mailing list