Date: Tue, 03 Oct 2000 09:16:24 +0100 From: Adam Laurie <adam@algroup.co.uk> To: Matt Dillon <dillon@earth.backplane.com> Cc: Garance A Drosihn <drosih@rpi.edu>, freebsd-security@FreeBSD.ORG Subject: Re: Proposed minor mod to openssh for interactive operation Message-ID: <39D995D8.14DD0721@algroup.co.uk> References: <200009300023.e8U0NUW20137@earth.backplane.com> <v04210103b5fe97d648bf@[128.113.24.47]> <200010030000.e9300o311655@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Matt Dillon wrote: > > :> two programs interactively. > :> That is, send command, wait response, send command, wait > :> response. Delaying packets is a bad idea and cuts > :> performance over the link by about 20%. > : > :Would it be more appropriate to use stunnel (in ports) instead > :of an ssh connection for your application? > : > :(I'm just wondering...) > :--- > :Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu > > No, ssh provides the authentication mechanism as well as the > secure link trivially. Besides, both rsh and ssh were designed > for two-way operation so presumably they should actually do it > in a reasonably optimal manner when two-way operation is requested. stunnel can do authentication just as trivially... http://www.stunnel.org/faq/certs.html#ToC10 cheers, Adam -- Adam Laurie Tel: +44 (20) 8742 0755 A.L. Digital Ltd. Fax: +44 (20) 8742 5995 Voysey House http://www.thebunker.net Barley Mow Passage http://www.aldigital.co.uk London W4 4GB mailto:adam@algroup.co.uk UNITED KINGDOM PGP key on keyservers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39D995D8.14DD0721>