1. While RedHat is respected, Ubuntu is very widely deployed as well and is the most common distro that I run into (in my own limited experience).
2. My point for 2 is that not all traffic needs to be encrypted. If there's no confidential or private data, why waste the CPU cycles?
3. I disagree. Having telnet available by default does not open any new attack vectors.
4. Telnet may not be designed for it, but that's how it's widely used. SMTP and port troubleshooting have been done with telnet for years, and quite successfully. I think there needs to be a balance between availability and protecting the user, and on a server OS, that line should probably lean towards availability since an advanced user is assumed. By your reasoning, the 'del' command shouldn't be available by default because an unassuming user might delete an important file.
2. Telnet is, fundamentally, a remote login protocol; it's been bodged into doing other things, but that's its primary purpose, and it should be obvious why that needs encryption.
And you're seriously worried about wasting cycles on encryption? Did I accidentally step through a timewarp to 1970?
3. Telnet being available opens the attack vector of "user uses telnet to log into a remote system, transmitting credentials in the clear". That's a big enough vulnerability that the fact it doesn't introduce any other ones is really beside the point.
4. Telnet isn't just a program that can be used to do something unfortunate. It's a program that does something unfortunate by default, if you try to use it in the obvious way for the purpose for which it is designed. It's a gun that comes with the barrel pointing out the bottom of the handle.
And I really don't see any decent use cases for it. There are better tools for network testing, and better tools for remote login. It's time for it to die.
I disagree that telnet is fundamentally a remote login protocol. In fact, telnet has no login parameters built-in at all, like SSH does. Telnet is simply a TCP communication program, any login functions are part of the remote telnet daemon and have nothing to do with the local telnet client. Telnet is a networking tool first and foremost, and the login portion is what has been added on.
2. My point for 2 is that not all traffic needs to be encrypted. If there's no confidential or private data, why waste the CPU cycles?
3. I disagree. Having telnet available by default does not open any new attack vectors.
4. Telnet may not be designed for it, but that's how it's widely used. SMTP and port troubleshooting have been done with telnet for years, and quite successfully. I think there needs to be a balance between availability and protecting the user, and on a server OS, that line should probably lean towards availability since an advanced user is assumed. By your reasoning, the 'del' command shouldn't be available by default because an unassuming user might delete an important file.