home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.20010306-20010921
/
000076_news@columbia.edu _Mon Apr 23 09:03:20 2001.msg
< prev
next >
Wrap
Internet Message Format
|
2020-01-01
|
4KB
Return-Path: <news@columbia.edu>
Received: from newsmaster.cc.columbia.edu (newsmaster.cc.columbia.edu [128.59.59.30])
by fozimane.cc.columbia.edu (8.9.3/8.9.3) with ESMTP id JAA22832
for <kermit.misc@cpunix.cc.columbia.edu>; Mon, 23 Apr 2001 09:03:20 -0400 (EDT)
Received: (from news@localhost)
by newsmaster.cc.columbia.edu (8.9.3/8.9.3) id JAA04645
for kermit.misc@watsun.cc.columbia.edu; Mon, 23 Apr 2001 09:01:34 -0400 (EDT)
X-Authentication-Warning: newsmaster.cc.columbia.edu: news set sender to <news> using -f
Message-ID: <3AE4279A.267247FE@macrotex.net>
From: "Adam H. Lewenberg" <adam@macrotex.net>
Subject: Re: Secure File transfer Please reply via email
Date: Mon, 23 Apr 2001 08:01:14 -0500
Organization: University of Illinois at Urbana-Champaign
To: kermit.misc@columbia.edu
I think (by now) we have got the message that some
of the Kermit developers are not enamored with ssh
and even have good technical reasons for holding their
negative opinions of this product.
But the security arguments miss the point: the
vast majority of users who need telnet support have
no secure connection choice other than ssh. It would
be nice if all (or even many) of the sysadmins
around the world installed a better security product
but they haven't and probably won't: ssh is
just too easy.
The alternative---unencrypted telnet connections---
will soon vanish as sysadmins turn off these ports.
So, I hope that the Kermit development folks can
swallow their disappointment that VHS
is prevailing over BETA and make the ssh client
version of Kermit and Kermit95 available as soon as
possible. The Kermit platform is unequalled
in essenatially every other way (terminal emulation,
scripting, etc.) and it would be a shame to see
it languish because people are forced to use
some inferior ssh client.
Respectfully yours, A. Lewenberg
Frank da Cruz wrote:
>
> In article <4416878.EvYhyI6sBW@ac.lisse.na>,
> Eberhard W Lisse <el@lisse.NA> wrote:
> : On Tuesday 17 April 2001 20:23 Michael Witherington wrote:
> : > I need to initiate a secure file transfer from a linux machine using
> : > C-Kermit 6.0.192 to a windows machine running Kermit 95.
> :
> : ssh
> :
> No, believe it or not, ssh is not the answer to every question. Michael
> worded his question carefully, specifying the software and versions that
> he has available, which happen to be scattered over hundreds locations.
> The real answer is: there is no way to accomplish secure transfers using
> the software combinations that he has available, not without installing
> additional software of some kind (something he did not wish to do because
> of the many scattered sites). Since additional software must be installed,
> it might as well be C-Kermit 7.0 (or soon 7.1) which supports the same
> security methods as the current Kermit 95 release. These are described
> here:
>
> http://www.columbia.edu/kermit/security.html <-- C-Kermit 7.0
> http://www.columbia.edu/kermit/security71.html <-- C-Kermit 7.1
>
> Also, as noted previously, we do not believe SSH is a particularly safe
> or reliable security method compared to the ones supported by Kermit,
> which are Kerberos 4 and 5, SSL/TLS, and SRP. Some of the reasons are
> listed here:
>
> http://www.columbia.edu/kermit/ckfaq.html#ssh
>
> This does not mean we won't be adding SSH 2 (and maybe 1) support in
> future Kermit releases. The requests for it have been defeaning and
> arguments against it are futile. But if we do add it, we will describe
> the pitfalls in the documentation rather than painting it as some kind of
> ultimate security solution.
>
> - Frank
--
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Adam Lewenberg (217) 373-8173 voice and fax
adam@macrotex.net