[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESP Unix encrypted session protocol software



> >Matt, why did you choose to implement your own protocol instead of
> >adding a DH authentication/encryption type to telnet?
> >
> >               Marc
> 
> I've got one of those, too (it won't be ready for release too soon, 
> though - telnet is big and ugly).  An encrypting telnet and telnetd
> almost always provide a more appropriate way to do session encryption.
> However, there are some situations where ESM is really the only
> option.  One is when you can't or don't want to install a daemon
> (e.g., for very occasional use).  More importantly, by running within
> the session, ESM can provide end-to-end encryption across an untrusted
> application-layer firewall (like the one I go through to get
> between home and work).

I might add that esm can be installed on unix boxes in your own account
without having to be root, something which cannot be said for telnetd.
Not everyone has root access to every box they are on, so implementing
one's own interface instead of having to rely on something that requires
root access on every machine makes a lot more sense.
-- 
Ed Carp, N7EKG    			[email protected], [email protected]
801/534-8857 voicemail			801/460-1883 digital pager
Finger [email protected] for PGP 2.5 public key		[email protected]
                       ** PGP encrypted email preferred! **

Cop: "How many beers have you had tonight, bro?"
Suspect: "Seventy."  -- from the TV show "Cops"