For 99.9% percents of networks, SSH/SLOGIN at the cisco (in conjuction with S/KEI or simular if you want extra protection) is enougph for the routers. May be, ssh have some security problems, but I hardly imagine where they can be important except some bank system when intruder can get 100,000$ at once in case of success. On the other hand, for now, 99% or routers over the world are configured withouth any security except simple access lists and simple multi-used passwords. Just because something though _ssh is not enougph and is not nessesary at all_. As usial - you should start from the small steps (ssh) and then go to the big ones (IPSEC) if nessesary, not vice versa. K4, K5 - Kerberos was killed by the USA's goverment, unfortunately... -:) No any interest.
K4, maybe. K5? Not quite so easily. Either is not nearly as bad as open telnet. And "has had known security problems" is not the same as "has known security problems," and the former does not strenghen your argument nearly as much as you seem to think it does.
Perhaps you should follow your own career advice.
--msa
Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 230-41-41, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)