telnet & ftp official status

Ken Hornstein kenh at
Fri Oct 3 20:40:19 EDT 2008

>FTP may perform better than many SFTP/SSHv2 implementations; I'm not
>sure.  Other than that I can't think what advantages the MIT krb5 apps
>offer over SSHv2.  I don't think such an advantage should be considered
>significant -- let the SSHv2 implementors improve their implementations'
>performance if that's needed.

The two big advantages that come to mind for me are:

- The code and protocols are simpler (Well, okay, telnet is the exception
  here).  That makes modification and maintenance easier.
- They actually _return all the damn Kerberos errors_.  In OpenSSH
  ... well, you can run it in some super-debugging mode and get
  client-side errors, if you want to spent your time sorting through
  piles of crap.  Server-side errors are not returned to the client
  in most cases (rumor is that they are logged on the server
  somewhere, but inevitably that's on some machine that I am not
  an administrator on).  The Kerberos integration in OpenSSH
  just plain bites on a practical level.  Perhaps it is better in
  other SSH implementations, but I have no experience with them.

(Getting back to FTP ... it is out-of-the-box faster, assuming encryption
is not on of course, and it is easy to make it perform very fast).

Just FYI, I have no problem with the apps being split off to another
tree, or run by someone else (*cough* Russ *cough*).


More information about the krbdev mailing list