Future of kerberised telnet, login, rsh, ftp?

Russ Allbery rra at stanford.edu
Tue Jul 5 22:07:13 EDT 2005


Andrew Bartlett <abartlet at samba.org> writes:

> As a relative newcomer to the kerberos world, I'm wondering what the
> future of tools like kerberised telnet, rsh, ftp and the like is.  It
> seems from my viewpoint that OpenSSH (with the gssapi mode) and things
> like pam_krb5 have taken over from these tools.

I would hope that it could eventually, but OpenSSH's GSSAPI support is
currently not sufficient to allow it to do so.  For so long as one needs
third-party patches to OpenSSH for adequate Kerberos support, I don't
think that we're ready to live in that world.

I'm still also seriously concerned about the security implications of
moving from these tools to OpenSSH, and in particular with moving away
from the extremely simple rlogin and rsh protocols to the extremely
complex SSH protocol.  They have very solid track records, whereas OpenSSH
is one of the most heavily attacked programs out there and until recently
was one of the largest sources of major security vulnerabilities.  While
simplicity and obscurity are not actual security measures, they *are*
ameliorating effects; the number of attacks on klogind is easily three
orders of magnitude below the number of attacks on OpenSSH on
Internet-exposed systems.

My expectation for MIT Kerberos is that, at some point, these clients will
be split off from the core distribution and will be maintained separately.
I've volunteered to help with that maintenance and with the release
management for such a project.  My personal interest is in the rlogin and
rsh implementations, but there are significant telnet improvements that
could also be made should people have the interest.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>
