talexander
/
freebsd_amp_hwpstate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add a blurb about SRA-enhanced telnet. 

Not-Approved-by: jkh (he said documentation didn't need it)
This commit is contained in:
Nick Sayer 2000-02-14 19:38:38 +00:00
parent 8425f9e744
commit 228524cb50
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
release/texts/i386/RELNOTES.TXT
View File

@ -172,6 +172,16 @@ OpenSSL v0.9.4 (a general-purpose cryptography and SSL2/3/TLSv1 toolkit)
has been integrated with the base system. In the future this will be used
to provide strong cryptography for FreeBSD utilities out-of-the-box.
Telnet has a new encrypted authentication mechanism called SRA. SRA
uses a Diffie-Hellmen exchange to establish a session key, then uses
that to DES encrypt the username and password. As a side effect the
session key is used to DES encrypt the session. SRA is vulnerable to
man-in-the-middle attacks, the DH parameters are on the small side,
and DES is showing its age, but the benefits are that it requires
absolutely no administrative changes to the machine to work, and is
at the very least a step up from plaintext. To use it, you need to
either use "telnet -ax" or set up a .telnetrc to enable it by default.
1.3. USERLAND CHANGES
---------------------