> I'm not keen on the idea of people grabbing my telnet session away from me > and making free with it. I'm resigned to the notion that they can steal > it; I'd like to make it useless to them once they've got it. > > Suppose I took term (a multiplexing, compressing, error-correcting serial > tunnel program) and added encryption, and rigged that to be my login shell. > I'd log in to the computer, and after my S/Key prompt it'd fire up an > encrypted term. I don't see any way some could burgle in through that. > > Have I missed something fundamental here? Or would this work? Encrypting will defeat the attack; however, different methods of encrypting will have different properties. If you encrypt at application level, above TCP, someone who tries to inject garbage will perpetrate a denial of service attack on you. If you encrypt below TCP, garbage will be rejected, and the normal TCP retransmission mechanisms will recover.