undefined | Better HN

0 pointsaugusto-moura2y ago0 comments

rsh would fill the same gap for authentication, (or even raw telnet), or anything that integrates with unix users.

What makes SSH different is the encrypting part. The keys were only introduced to be used by the encryption algorithms. Users and multiple identities were a core detail of nixes much before SSH

0 comments

2 comments · 1 top-level

yencabulator2y ago· 1 in thread

rsh relies on the client host to not lie, that's quite a different level of guarantee than touching a Yubikey.

augusto-mouraOP2y ago

Ok, I get what you mean rlogin and rsh are not safe because of inumerous legacy problems. But I think you get what I meant as well, authorization problems can be solved without SSH.

I said that even rsh would do because will can ignore all the weird outdated stuff and just login with an user and password, same as a local login. In that case telnet would also work.

However, I truly believe that cryptographic keys are way superior to passwords. And going back to them would be a huge step back

j / k navigate · click thread line to collapse