ssh
Intended as a vehicle between two secure hosts across a hostile network
Could be used instead of say rsh (if you want to block r-series commands because of the insecurity)
Also suggested as replacement for telnet (because of telnet’s use of clear text)
But there are many other ways passwords can leak out in clear, especially mail (POP etc.) servers
And YP/NIS servers are also too happy to hand out (crypted) passwords if you know the yp domain name
Notes:
(this foil should be self explanatory)
Unfortunately the use of encryption is prohibited in France, which causes some problems with deploying this solution.