Re: making telnet secure



On Thu, 16 Oct 2008, Sudarshan Soma wrote:

HI ,
I have telnet server implemented on the server. Now i want the ssh
client to connect to this modified telnet server by adding
encryption/decryption functions in it.


Can I do this easily by just putting the appropriate encrypt/decrypt
functions , session key establishment code from ssh server to telnet
server.

Tunelling is one solution , i can think of . Is there any other easy
alternative for this apart from changing the telnet server code.

It is not a trivial thing to add encryption to the telnet protocol. It
would have to be added on both ends (client and server), and it was not
widely done. One approach was called SRP, from Stanford University. I
haven't heard anything from them for a long time, since SSH became common.

Other ideas:

1. Use telnet with SSL. I have heard that there are SSL implementations of
the client and server sides of telnet, but I have not worked with them.

2. Use SSH to establish a secure connection to a) the same server, or b)
one nearby, inside the site's firewall. Establish client-side tunnelling
on port 23. Then on the client machine, telnet to localhost, so that it is
tunnelled to the server.

This can be useful for Windows-based server-side systems that accept
telnet connections but not SSH connections. I have even considered adding
a special telnet-over-ssh mode for our terminal emulation client, Anzio.

Regards,
....Bob Rasmussen, President, Rasmussen Software, Inc.

personal e-mail: ras@xxxxxxxxx
company e-mail: rsi@xxxxxxxxx
voice: (US) 503-624-0360 (9:00-6:00 Pacific Time)
fax: (US) 503-624-0760
web: http://www.anzio.com
street address: Rasmussen Software, Inc.
10240 SW Nimbus, Suite L9
Portland, OR 97223 USA



Relevant Pages

  • Re: I do not get ssh. Why is it more secure?
    ... How is this any more secure that plain old telnet? ... And, well, I just don't get the advantage of ssh ... If you put your ssh server on port 12345, it will be free from attacks. ... SSH connections, in the hands of someone who actually knows what they are doing, have the benefit of treating a remote machine as a remote machine. ...
    (comp.os.linux.misc)
  • Re: Explanation of SSH
    ... I am still unclear on how SSH works exactly. ... Client issues SSH command and names server ... "Shopper" says "server sends back its public host and server keys ... Surely there is only one public key it sends ...
    (comp.security.ssh)
  • Re: ssh security question
    ... In my case - the client is a windows client and the ssh is embedded into the windows nx client. ... Is there any reason I can't run ssh-keygen on the server and copy the private key to the client - and the public key to the "authorised" directory? ... sniffer can catch your passwords, and it would make it trivial to log in ...
    (SSH)
  • Re: Trouble with X11 over SSH on Mandriva 2010.0
    ... If next clean install/update causes ssh to break, ... installed the sshd daemon/service package (OpenSSH Server) on the server. ... correct values for client and server. ...
    (comp.os.linux.networking)
  • Re: SBS 2003 SP 1 on MSDN disks
    ... the PPPoE client, which I believe it operate as, even if Earthlink does not know it, and stop using the Windows Server 2003 PPPoE client to connect. ... I have started the Telnet service on my client computer ... I have started the Telnet service on the SBS2003 server. ...
    (microsoft.public.windows.server.sbs)