I got telnet over SSL working and thought I'd share the details since the
I got telnet over SSL working and thought I'd share the details since the next official release of SyncTERM looks like it's going to support it. For now we can use "stunnel" since the only BBS I've heard of that supports it natively is BBBS.
But anyway, I just had a quick look but it seemed to work at cfbbs.net..
In SyncTERM, you will have to edit your connection (F2) and change the connection type to "TelnetS". As previously mentioned, it should be included in the NEXT release of SyncTERM, so for now you will have to use the test versions linked at the very bottom of the SyncTERM web page.
I noticed a new telnets option in SyncTERM 1.2a recently so I gave your BBS a call with telnets. It seemed to work well and I was able to
connect and see your login screen.
I got telnet over SSL working and thought I'd share the details since the next official release of SyncTERM looks like it's going to support it.
For now we can use "stunnel" since the only BBS I've heard of that supports it natively is BBBS.
What's the rationale behind using TelnetS over SSH? As far as I'm aware the RFC never made it out of draft whereas of course SSH is widely adopted.
; CUSTOM: Only allow ciphers that are still considered secure (for
TLSv1.2 and below)
Hopefully some of these can be useful.
If you have time, could you please try scbbs.nsupdate.info:50992 (custom port), too? Just to see if you get to the login screen...
I haven't gotten around to upgrading my SyncTERM on Windows to 1.2 yet, but I'm hoping to do so soon.
What's the rationale behind using TelnetS over SSH?
As far as I'm aware the RFC never made it out of draft whereas of course SSH is widely adopted.
I never knew telnets never moved beyond the draft stage and I don't know why that is. Duece's reason for adding telnets was to support BBSs that use it if I read his comment right.
; CUSTOM: Only allow ciphers that are still considered secure (for TLSv1.2 and below)
Hopefully some of these can be useful.
awesome. yeah i'm guessing syncterm uses cryptlib like synchronet does. hopefully it doesn't get back that list of restrictions and bail out lol.
If you have time, could you please try scbbs.nsupdate.info:50992 (cus port), too? Just to see if you get to the login screen...
Yep, your BBS answers and looks good.
I guess this means that SyncTERM uses a modern version of cryptlib (not requiring CBC ciphers) which would otherwise cause the connection to fail...
well, unless we talk about starttls, which requires actual protocol handling in the "child" protocol, there isn't really much to it.
the rfc would be quite boring really. "1) establish ssl connection. 2) carry out telnet connection over it". that's the only difference between https/http, imaps/imap, etc. too.
I guess this means that SyncTERM uses a modern version of cryptlib (not requiring CBC ciphers) which would otherwise cause the connection to fail...
We patch/configure cryptlib to choose the ciphersuite preferences/requirements.
Sysop: | Gary Ailes |
---|---|
Location: | Pittsburgh, PA |
Users: | 132 |
Nodes: | 5 (0 / 5) |
Uptime: | 196:30:29 |
Calls: | 733 |
Files: | 2,171 |
Messages: | 81,876 |