Kerberized rsh versus SSH

Premise

I was looking for is the "securest" tool to be used by rsync or rdist (for the purposes of this discussion, it doesn't really matter which.)

The functional requirement is that program be able to be called from another program (rsync or rdist) and establish a shell-like connection to multiple hosts without the need for a human to type a password more than once.

Choices

Here are the tools i'm aware of and their pros and cons:

Kerberized (v5) rsh

Pros:

Uses the Kerberos v5 protocol for authentication, which is generally consider to be secure.
Tickets (credentials) expire, typically in less than 12 hours. So if the creds are stolen, they cannot be used forever.

Cons:

rsh is probably vulnerable to man-in-the-middle attacks, if the attacker can guess the right IP sequence number, and defeat the rsh protocol checksum.
Even when called with -x, the command line is not encrypted. (Though the output from the remote command is.)
Is no longer part of the base NetBSD install.

SSH v1

Pros:

OpenSSH v2.5.1 Ships with NetBSD 1.5.2.

Cons:

The only "non-interactive" methods of host-to-host authentication are:
- Kerberos v4, which has known weaknesses.
- Password-protected key does not expire.
- The SSH v1 protocol has known weaknesses to man-in-the-middle attacks.

SSH v2

Pros:

OpenSSH v2.5.1 Ships with NetBSD 1.5.2.
The SSH v2 protocol is generally considered to be secure.

Cons:

Slow: Takes dozens of seconds to get a prompt on sun4c hardware running the base load of NetBSD 1.5.2. Based on the debug output and traffic mailing lists and newsgroups, this appears to be the overhead associated with v2 (DSA?) key generation and exchange, though i suppose it could be something else like a lack of entropy for /dev/random.
Must keep the $HOME/.ssh/authorized_keys in sync on all the client machines.
The only "non-interactive" methods of host-to-host authentication are:
- Kerberos v4, which has known weaknesses.
- Password-protected key does not expire.

Conclusion

Unfortunately, i think the latency associated with logging into an older SPARC machine via SSH v2 will be the decideing factor. I have a stack of trusty sun4c machines (SPARC 1, 1+, 2 IPC, etc.) i really want to use, and NetBSD runs like a champ on them, so there's really no reason to pitch them in the damn landfill.

So if i'm not using SSH v2, it's either SSH v1 or Kerberized rsh. Given the hassles of managing SSH's authorized_keys and v1's known protocol vulnerabilities, i'm leaning towards rsh, with its own protocol weakness. (Sigh)

Hopefully the OpenSSH people will add support for accept Kerberos v5 tickets.

$Id: rsh-v-ssh.html,v 1.3 2002/09/01 10:16:49 johan Exp $