----- Original Message ----- From: "Roeland Meyer" <rmeyer@mhsc.com> To: "'Charles Sprickman'" <spork@inch.com>; "Jared Mauch" <jared@puck.Nether.net> Cc: "Mr. James W. Laferriere" <babydr@baby-dragons.com>; <nanog@merit.edu> Sent: Tuesday, July 31, 2001 5:59 PM Subject: RE: telnet vs ssh on Core equipment , looking for reasons why ?
From: Charles Sprickman [mailto:spork@inch.com] Sent: Tuesday, July 31, 2001 9:41 AM
6) Finding a unix ssh that supports 3DES and DES.
I curse those OpenSSH folks for making me have to trudge through the code to find out how to get DES working...
6a) Finding a release on CCO that supports 3DES.
You are probably aware, but EFF published the DES crack. I understand that it is now an issue of cracking DES in less than 12 hours. 3DES is better but it only amounts to DES with a 128-bit key.
Definitely a limited shelf-live.
I don't see why we even need to discuss some of these issues to this length. Telnet = Bad = Plain Text SSH = Better = Some Sort of Encryption (A Decoder Ring is Still better than plain text)