Vendor comments on plan to remove telnet, ftp and eventually appl/bsd

Jeffrey Altman jaltman at
Mon Jul 22 20:42:01 EDT 2002

> I think there's been... one?  None?  klogind advisories over the same
> period of time that has seen at least five serious remotely-exploitable
> sshd holes.
> Whether that's because fewer people care or because the program is
> simpler, I have no idea, and frankly don't particularly care.  It
> translates into fewer exploits.
> And I'm sorry that you've had so many problems setting up klogind, but it
> works fairly reliably for us across six different brands of Unix.  *shrug*

The same could be said of telnet.  Its simpler and has less
functionality.  Therefore, it should be easier to secure.

 Jeffrey Altman * Sr.Software Designer     Kermit 95 2.0 GUI available now!!!
 The Kermit Project @ Columbia University  SSH, Secure Telnet, Secure FTP, HTTP            Secured with MIT Kerberos, SRP, and 
 kermit-support at               OpenSSL.

More information about the krbdev mailing list