This is the SSL-MZ telnet(d) package with encryption support. It comes from the 4.4BSD-Lite version of telnet and telnetd and is patched with the SSL-enhancement of Tim Hudson , which he did to the SRA-telnet sources. These patches were done by: Christoph Martin Christoph.Martin@Uni-Mainz.DE Tim Hudson then updated this package to the SSLeay-0.5.1 release which introduced API changes and has merged the SSLtelnet changes into this package. The two versions are now merged and are being jointly maintained. You can do whatever you like with these patches except pretend that you wrote them. The original location of this package is ftp://ftp.uni-mainz.de/pub/internet/security/ssl/SSL-MZapps It is also always available at the standard SSL Application location ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLapps/ This package uses the SSL-implementation which can be found in ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.5.1.tar.gz The SSLeay FAQ (which includes pointers to the porting documentation and references to the other SSL-based applications) can be found at http://www.psy.uq.oz.au/~ftp/Crypto SSL-MZtelnet has been tested on Aix, HPUX, Linux, SCO, Ultrix, DEC Unix, Irix and Solaris with gcc. See PLATFORMS for a more detailed list of what has been tested. The package uses GNU configure to find out about the system properties. First you should install SSLeay[0.5.x] (and SOCKS if you are using it as part of your firewall setup). For configuring telnet and telnetd type: configure You can use --with-ssl to enable the SSL featues and --with-socks to include SOCKS support. --enable-warnings adds -Wall to CFLAGS if using GCC. To build telnet and telnetd type: make Test telnet like this: telnet -z ssl www.netscape.com https (if https is unknown then use 443 :-) then type GET / and you should get back the HTML for the Netscape home page For installing put the path of telnetd in /etc/inetd.conf and send a kill -HUP to inetd. (On SCO this is not working :( ). Then you have to install at least the self-signed certificates I assume that the following exist: /usr/local/ssl/bin (all the SSLeay utilites) /usr/local/ssl/lib (libcrypto.a, libssl.a) /usr/local/ssl/include (required SSLeay header files) /usr/local/ssl/certs PUBLIC keys /usr/local/ssl/private PRIVATE keys For telnetd you can operate using a self-signed certificate (this is the easiest way of driving SSL as a "simple" stream encryption library). To generate the required file you can either use "make certificate" or do the following: PATH=$PATH:/usr/local/ssl/bin # SSLeay 0.5.0b+ (21-Dec-95) supports a quick mechanism for generating # "dummy" certificates cd /usr/local/ssl/certs req -new -x509 -nodes -out telnetd.pem -keyout telnetd.pem ln -s telnetd.pem `x509 -noout -hash < telnetd.pem`.0 Then *test* that verify likes the setup verify /usr/local/ssl/certs/telnetd.pem SSL bugs should be directed to ssl-bugs@mincom.oz.au SSL comments/discussion should be directed to ssl-users@mincom.oz.au If you email ssl-users-request@mincom.oz.au you will be emailed instructions on how to interact with the majordomo varient that is managing this list. Have a look at the README.apps files for the documentation that Tim Hudson put together for the original SSLtelnet on which these patches are based.