OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Proposed minor mod to openssh for interactive operation
From: Adam Laurie (adamalgroup.co.uk)
Date: Tue Oct 03 2000 - 03:16:24 CDT

Matt Dillon wrote:
>
> :> two programs interactively.
> :> That is, send command, wait response, send command, wait
> :> response. Delaying packets is a bad idea and cuts
> :> performance over the link by about 20%.
> :
> :Would it be more appropriate to use stunnel (in ports) instead
> :of an ssh connection for your application?
> :
> :(I'm just wondering...)
> :---
> :Garance Alistair Drosehn = gadeclipse.acs.rpi.edu
>
> No, ssh provides the authentication mechanism as well as the
> secure link trivially. Besides, both rsh and ssh were designed
> for two-way operation so presumably they should actually do it
> in a reasonably optimal manner when two-way operation is requested.

stunnel can do authentication just as trivially...
http://www.stunnel.org/faq/certs.html#ToC10

cheers,
Adam 

--
Adam Laurie                   Tel: +44 (20) 8742 0755
A.L. Digital Ltd.             Fax: +44 (20) 8742 5995
Voysey House                  http://www.thebunker.net
Barley Mow Passage            http://www.aldigital.co.uk
London W4 4GB                 mailto:adamalgroup.co.uk
UNITED KINGDOM                PGP key on keyservers

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message