From: Jen Selby Date: Thu, 27 Jun 2002 17:51:52 +0000 (+0000) Subject: * rsh.M: added warning that encryption does not encrypt the X-Git-Tag: krb5-1.3-alpha1~630 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=6cf9eb3c02e6ed0ba83c3625dd42528d8e98c24a;p=krb5.git * rsh.M: added warning that encryption does not encrypt the command line *rlogin.M: added warning that username is sent unencrypted git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14589 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index cd862246b..81e76dd0d 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,9 @@ +2002-06-27 Jen Selby + + * rsh.M: added warning that encryption does not encrypt the + command line + *rlogin.M: added warning that username is sent unencrypted + 2002-06-25 Ken Raeburn * kcmd.c (kcmd): Don't restrict addresses to IPv4. diff --git a/src/appl/bsd/rlogin.M b/src/appl/bsd/rlogin.M index 56c11aa29..da0e8d724 100644 --- a/src/appl/bsd/rlogin.M +++ b/src/appl/bsd/rlogin.M @@ -131,9 +131,10 @@ instead of the remote host's realm as determined by .IR krb_realmofhost (3). .TP \fB\-x\fP -turn on DES encryption for all data passed via the rlogin session. This -significantly reduces response time and significantly increases CPU -utilization. +turn on DES encryption for data passed via the rlogin session. This +applies only to input and output streams, so the username is sent +unencrypted. This significantly reduces response time and +significantly increases CPU utilization. .TP \fB-PN\fP .TP diff --git a/src/appl/bsd/rsh.M b/src/appl/bsd/rsh.M index 11a7290f5..cefd00384 100644 --- a/src/appl/bsd/rsh.M +++ b/src/appl/bsd/rsh.M @@ -61,7 +61,8 @@ sets the remote username to Otherwise, the remote username will be the same as the local username. .TP \fB\-x\fP -causes the network session traffic to be encrypted. +causes the network session traffic to be encrypted. This applies only +to the input and output streams, and not the command line. .TP \fB\-f\fP cause nonforwardable Kerberos credentials to be forwarded to the remote