Jeff, I agree entirely with your comments about ssh. If you've had a
chance to attend one of the SANS (Security and Networking Conferences),
they make a big point of showing that 90% of hacking done to machines are
from within and not from outside of a firewall. Many networks use hubs and
not switches. That means any skilled employee with Win98, NT or 2000 can
setup a network connection and sniff the network for clear text passwords.
Telnet, NS-VT, and FTP.
In large companies spread across the world, intranet security is a very
big concern. That is why many of the larger companies are embracing ssh or
DCE.