-=> Andy Ball wrote to Michel Samson <=-

 AB> Hello Michel,

  MS> ...but with a twist;  i'd keep ~TelNet~ but require my LEGACY
    > users to validate using ~SSH~ and then grant ~TelNet~ access
    > only after the ~IP~ address is approved...

 AB> That would not work for the many, many people who are assigned IP
 AB> addresses dynamically (not just dial-up users, but also many DSL
 AB> customers).

  MS> I can live with innovations since ~TelNet~ can be secure enough
    > if combined with ~SSH~/~HTTPS~

 AB> SSH supercedes telnet for applications where security is a concern.
 AB> Combining them is odd.

  MS> ...i might even imagine other ways to adapt plain old ~TelNet~
    > sessions without any newer protocols (via additionnal security
    > macros/utilities, perhaps?)...

 AB> Why reinvent the wheel?


My only thought to this is as you say, why re-invent the wheel?  

From a quick search through apt-cache search telnet and ftp, I find:

telnet-ssl - The telnet client with SSL encryption support.
telnetd-ssl - The telnet server with SSL encryption support.
ftpd-ssl - FTP server with SSL encryption support.

etc...

I know that both ends have to have the SSL setup, but, that seems to
preclude the entire situation... 

Just a thought.




... Anime Excuse #016: Training with Ranma
--- MultiMail/Linux v0.45
--- SBBSecho 2.00-Win32