Secure telnet I guess this is a bit of a yawn by now, especially for anyone who is actually still waiting for my stelnet :-) However I'm pleased to announce that stelnet.tar.gz Can be down-loaded from ftp://ftp.quick.com.au/pub/sjg/ or http://www.quick.com.au/ftp/pub/sjg/ stelnet includes SSL based authentication and encryption compatible with Tim Hudson's SSLtelnet, as well as my own HPW authentication and DES based encryption. Why am I releasing yet another secure telnet when ssh and SSLtelnet are available? Simply because it _is_ telnet, and it is based on a later code base than other secure telnet's I've seen. I've personally used it daily on NetBSD, SunOS, Solaris and HP-UX systems for a few years now and have built it for others on IRIX, Solaris/x86 and Ultrix. The original SSL patches were done by Tim Hudson (SSLtelnet), but have been almost completely re-worked to use my libsslfd (included in SSLrsh.tar.gz so you need that too). The end result is much cleaner integration of the crypto code. Anyway, if there are bugs, blame me, not Tim. Have a look around http://www.quick.com.au/ftp/pub/sjg/help/ for more info. Note, I do all my building using the current BSD make(1), and while stelnet.tar.gz still contains all the original makefiles, I've not used or updated them for years, so I can promise they won't work. So if you are not using a modern BSD, need to obtain bmake, my bmake.tar.gz in the same directory uses GNU configure so should build reasonably easily - it certainly does on SunOS,Solaris,HP-UX and IRIX. stelnet-1.0.1.tar.gz contains stelnet stelnetd login and stpasswd The login(1) is derived from the NetBSD one and can be used on systems where login(1) does not support -f. It also supports s/key challenge response. The stpasswd is a tool that allows you to keep a separate passwd database for my HPW authentication method - default is to just use /etc/passwd. HPW is a nice simple authentication method that uses the hashed passwd as a shared secret key to authenticate without sending the passwd over the net. It currently still has some reliance on an unofficial option TELOPT_PKE which I used years ago before SSLeay came along, so you may choose to disable it if such unofficialdom gives you the shudders. I'm sure I've left something out... --sjg