telnet vs ssh on Core equipment , looking for reasons why ?
Rubens Kuhl Jr.
rkuhljr at uol.com.br
Tue Jul 31 19:55:03 UTC 2001
SSH has one advantage to one time passwords, in providing a secure path to
see/change the configuration. Parameters like ACLs, communities and even
interface descriptions (wanna know who the clients of your competitor are
?) are travelling in clear on the network... even clear-text passwords with
vty access controls and routing protocols security can resist to sniffing
(know the password, can't use it), but information is always useful.
Rubens Kuhl Jr.
>Here's an alternative that might work. Authenticate via Radius which in
>turn proxies the authentication request to a SecurId server. With one time
>passwords, who cares if they get sniffed? You also get the benefit of
>having your Radius server being able to do accounting/access control on
>the sessions as well.
More information about the NANOG
mailing list