What is it that you are trying to achieve? Are you trying to SSH to the firewall itself to do maintenance? If so then open up your ssh port from your specified address and you should be fine.
If you are talking about authenticating to allow passage through the firewall to internal addresses you might want to reconsider that option all together and go to either securemote or some other IPSEC VPN package. You really shouldn't be authenticating with the firewall with either telnet or SSH to be able to pass through. That authentication method does not allow the tunnel from the client to be encrypted after the connection is made unless a third party VPN software is used. As you stated telnet is also in clear text which makes the authentication dangerous as well. Try getting SecuRemote or SecureClient to work, that is most likely your best option. --The Crocodile ----- Original Message ----- From: "Michael R. White" <[EMAIL PROTECTED]> To: "Security-Basics" <[EMAIL PROTECTED]> Sent: Monday, October 22, 2001 7:23 AM Subject: Ssh & FW-1 > Anyone out there know of an Ssh feature that works with Firewall-1. My > users and myself telnet to the firewall for authentication to access > internal resources. Knowing that telnet traffic is unencrypted, I'd like to > find a better solution for allowing certain access to my internal network. > > TIA, > > Michael White > >
