Andrew Suffield <[EMAIL PROTECTED]> writes: > On Thu, May 08, 2003 at 01:24:58PM +0200, Guus Sliepen wrote: >> On Thu, May 08, 2003 at 01:56:18PM +0300, Lars Wirzenius wrote: >> >> > > Rsh-redone is a reimplementation of the remote shell clients and >> > > servers. It is written from the ground up to avoid the bugs found in >> > > the standard clients and servers. >> > >> > Such as transmitting passwords in cleartext or relying on IP numbers for >> > authentication? >> >> Sigh, you're obviously trolling. > > So that would be a "no", then? > >> If you have a network that is already >> secure (for example, behind a decent firewall, or a VPN), using ssh only >> means lots of unnecessary overhead. The lack of security in rsh is not a >> bug, it is just the way it is supposed to work. > > Security should be end-to-end, not point-to-point. The sheer number of > times a site has been compromised because their "secure" network > wasn't and somebody was using rsh...
Erm, as a Beowulf cluster administrator, I can assure you that there are uses for rsh. In a cluster environment, ssh is just overkill. -- CYa, Mario | Debian Developer <URL:http://debian.org/> | Get my public key via finger [EMAIL PROTECTED] | 1024D/7FC1A0854909BCCDBE6C102DDFFC022A6B113E44
