No, not really... here's why:
you're connection to the jump-point (your linux box) is via SSH.
you're connection to the router is via telnet
configure the router to *only* accept telnet sessions from the linux box
So, in theory someone could sniff the network and get your login
authentication, because telnet is insecure...but they can't do anything with
it, because they can't ssh to the linux box. Man-in-the-middle is another
scenario altogether.
I'm not saying its going to stop everyone, but it will stop most...those who
are just curious anyway.
""Patrick Ramsey"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> seems to be the consensus... : )
>
> Although if you telnet from the linux box then you are just as insecure as
> you originally were...
>
> -Patrick
>
> >>> "Berry Mobley" 11/21/01 01:53PM >>>
> Why not just build a linux box with ssh support and telnet from there to
> the term server? Another step - but probably more secure...and a lot
> cheaper than another router.
>
> Berry
>
> At 01:04 PM 11/21/2001 -0500, you wrote:
> >Hi all,
> >
> >I currently use a 2511 RJ Terminal Server on a site with dial up access
> >through a modem. Ten pieces of Cisco equipment are then configured using
> >reverse telnet to their consoles.
> >Someone's thrown a spanner in the works. We now need to use something
such
> >as SSH to the Terminal Server.
> >The 2500 doesn't support it. The nearest I could think of was a 2610 with
an
> >NM16A (16 port Async) module. Unfortunately to run a decent version of
code
> >with DES (for SSH support) this needs a DRAM and Flash upgrade.
> >There isn't as far as I can find, a 16 port RJ45 Asynchronous module
(closer
> >replacement for the 2511RJ), so we need two octal cables.
> >
> >Total Price around #4500 as opposed to around #1800 for the 2511RJ.
> >2511's always seemed a bit steep for this job, but using a 2610 for it
seems
> >to be even more so, even though the 2610 itself is only #1100. I think
all
> >this still only gives me SSH version 1.
> >
> >Does anybody have any ideas for suitable replacements. Space is a
concern,
> >but I am thinking about putting a 1U server in there to do the same job
if I
> >can source a 16 port serial card that fits, and I'm also looking at
whether
> >Shiva are still in the market. All ideas accepted gladly, but this does
have
> >to get past a security board. I don't want full solutions, just asking
for
> >brief ideas.
> >
> >Thanks,
> >
> >Gaz
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=27168&t=27038
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
