secure router access

Michael Dillon writes:

You still have to setup sshd and appropriate user accounts. WRT Cisco you
would need something like Tacacs or RADIUS, which would also need to be
setup. These aren't exactly "point and shoot" either.

If you have trouble setting up kerberos, try kerbnet from Cygnus.

I grant that Kerberos is a bit more sophisticated, and slightly more
complicated, though.

Not to mention that there is also sslTelnet.


i have used both kerberos and ssh for quite a while, though kerberos
first, of course, as ssh is fairly new. each has its features, easy
points, hard points. that's why i use 'em both, i guess.

i only played with kerberos to ciscos for a bit. works. i use ssh to
junipers. works. i can imagine that router vendors see licensing issues
between the two.