Correction: SUMMARY: Secure Telnet

From: Brian Exelbierd (
Date: Tue Nov 10 1998 - 14:03:28 CST

Apparently SecureCRT works fine with 1.x SSH daemons. I did not test
the information I was given that was contrary. I have received success
reports specifically naming 1.2.26.

Sorry for any confusion,


attached mail follows:

First, the original questions:

Brian Exelbierd wrote:

> We are considering implementing a secure telnet solution and I was
> curious if anyone here had any caveats or experience? What software did
> you use, both on the client and server side? Did you continue to allow
> unsecured access? Can you restrict logins on certain ids to secure only
> access?
> The majority of our clients are utilizing windows 95, and we are looking
> at SecureCRT from Vandyke ( We are currently running
> Solaris 2.6, and several other unixes.

Overwhelmingly people recommended the ssh daemon for use.
It is available from
For commercial use you must purchase through DataFellows.

On the client side the ssh client was endorsed and everyone was very
positive about secure CRT.

Other clients mentioned included:

F-Secure from DataFellows (works with Exceed too)
Tera Term Pro
secure shell (ssh) - available
tcp wrappers

One caveat is that SecureCRT only supports version 2.0.x of SSH, not version

I got only one policy response:

We do not allow unsecured access to internet machines. Internal machines,
by the nature of who needs to access them, continue to allow insecure
access, but we do not allow the rhost-type services.

Other comments of note:
Hughes sells a product that is flexible enough to do what you want. It's
called Netlock. Sorry no other current info available. I have used the
product in the past, and it works well.
I am looking at SRP (Secure Remote Password) from Stanford University.

SRP Telnet is backward-compatible, i.e. it can connect to an old-style,
plaintext-password telnet server.

I got hold of it only last week, therefore I am not yet able to give more

See <> for more information.

Sources are included. Site also has comparison with SSH and other protocols.

I am going to propose the implementation of the SecureCRT with the
DataFellows SSH daemons for our unix boxes. Given our environment, the
elimination of non-encrypted telnet is probably not an option.

Thanks to everyone for the great information:

Auteria Wally Winzer Jr. wally.winzer@ChampUSA.COM
Greg Obremski
David L. Markowitz
Kelly Setzer
Cooke, Earl R.
Swee-Chuan Khoo
Patrick Shannon
Roy S. Rapoport
Timothy Lorenc
Justin Clift
Jim Seavey
Graham Leggett
Andrew Kyle
Au , Louis
Robert L. Harris
Ka Kau Chan
Jason Harrell
Rodney Marable
Jason K Schechner

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:52 CDT