in reply to Login Script
I am going to think out loud a little on this one. First, the management of the scripts on each server and the keys would be a little bit of a headache. (I want to say nightmare but I am going to avoid that.) If you decide that you are going to write login scripts across multiple platforms you want to make sure that you write the scripts very generic but very well. And since these are login scripts, poor programming + script language upgrade can lock you out of 1700 servers (especially if you want to log in as root).
Still thinking out loud here. You cannot successfully expect to securely log in to a server using telnet. Everything sent across that port is clear text. So, if you encrypt the password, send it across telnet, and the server side auto-compares the encrypted password with the shadow files or un-encrypts them, then a capture and reproduce of the packet and then a login with the same encrypted string will allow access to the server (along with the su password if sent afterwards across telnet).
With SSH you can allow direct root access (not my advice but it is a config option - usually on by default).
If you are accessing from a Windoze box then a program like secureSSH will allow you to store your passwords and easily create multiple connections quickly. It does all of the key management (saving etc.) for you on the client end. It will also allow you to create scripts to run on the server after you log in. This is not the only package out there; there are others like Reflections etc. If you are logging in from another Unix box then you can script a nice client that includes the basic login "ssh server -l user" and then do whatever your heart desires.
The login script on the server side needs to only contain what you do after you have successfully logged in. Don't let that be part of the login validation and install process.
There is good advice in the other answers you have been given. Now for the part of the installation of the ssh software. You can script that with Perl, as long as all of your OSes are consistent with the locations, versions of libraries, and module requirements. If not, then creating an install script may take some time but be very valuable in your setup. The important thing is SECURITY, SECURITY, SECURITY. There is too much junk flying around the Internet these days to ignore that. I wish you the best but I don't envy you.
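The replay problem described in the telnet paragraph, as an added example that is not part of the original post: a password transformed the same way every session is accepted again when the same bytes are presented, while a response bound to a per-session nonce is not. The class names, the SHA-256/HMAC construction and the sample password are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets

PASSWORD = b"constructed-sample-password"  # constructed sample, not a real credential

def static_token(password):
    # Same input gives the same bytes every session, so the bytes act as the password.
    return hashlib.sha256(password).digest()

def respond(password, nonce):
    # Response is bound to the server's nonce for this one attempt.
    return hmac.new(password, nonce, hashlib.sha256).digest()

class StaticServer:
    def __init__(self, password):
        self._expected = static_token(password)

    def login(self, token):
        return hmac.compare_digest(token, self._expected)

class ChallengeServer:
    def __init__(self, password):
        self._password, self._nonce = password, None

    def challenge(self):
        self._nonce = secrets.token_bytes(16)
        return self._nonce

    def login(self, response):
        if self._nonce is None:
            return False
        expected = respond(self._password, self._nonce)
        self._nonce = None  # a nonce is accepted once only
        return hmac.compare_digest(response, expected)

def demo():
    static = StaticServer(PASSWORD)
    recorded = static_token(PASSWORD)        # bytes visible on the wire in session 1
    static_replay = static.login(recorded)   # session 2 presents the same bytes

    server = ChallengeServer(PASSWORD)
    recorded = respond(PASSWORD, server.challenge())
    first = server.login(recorded)           # legitimate session
    server.challenge()                       # session 2 gets a fresh nonce
    replay = server.login(recorded)          # old response no longer matches
    return static_replay, first, replay
```

A per-session nonce only stops the replay; everything typed after login over telnet is still readable on the wire, which is why the post points to SSH.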