advertisement

Article:
  Cisco Router Management Using Tcl on Mac OS X
Subject:   telnet, SSH
Date:   2001-11-29 22:01:31
From:   res

Cisco routers also allow console "exec" access via Telnet, and (on some models and IOS versions) SSH -- and multiple console sessions can be active at once. Plain telnet is no less secure than the plaintext HTTP authentication described in the article. I use Telnet with Kerberos authentication for my routers, which at least gives secure authentication. And SSH (albeit only version 1) gives an encrypted connection. And these all do not have the limitations of the HTTP route, e.g. not being able to do a reload. Also, if you design a control interface to use the exec command language, it can also be used over the direct serial connection when necessary -- useful for initial configuration of a router, or when the configuration changes you're making will interrupt network connectivity.


For all these reasons, I think it's a better idea to use the exec rather than the HTTP server.