From owner-freebsd-chat@FreeBSD.ORG Thu Mar 26 20:07:19 2009 Return-Path: Delivered-To: chat@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C3B22106566B for ; Thu, 26 Mar 2009 20:07:19 +0000 (UTC) (envelope-from chuckr@telenix.org) Received: from mail3.sea5.speakeasy.net (mail3.sea5.speakeasy.net [69.17.117.5]) by mx1.freebsd.org (Postfix) with ESMTP id 9BABA8FC15 for ; Thu, 26 Mar 2009 20:07:19 +0000 (UTC) (envelope-from chuckr@telenix.org) Received: (qmail 26177 invoked from network); 26 Mar 2009 19:40:38 -0000 Received: from april.chuckr.org (HELO april.telenix.org) (chuckr@[66.92.151.30]) (envelope-sender ) by mail3.sea5.speakeasy.net (qmail-ldap-1.03) with AES256-SHA encrypted SMTP for ; 26 Mar 2009 19:40:38 -0000 Message-ID: <49CBDA3A.5010704@telenix.org> Date: Thu, 26 Mar 2009 15:40:42 -0400 From: Chuck Robey User-Agent: Thunderbird 2.0.0.19 (X11/20090121) MIME-Version: 1.0 To: Randy Bush References: <995845.90009.qm@web63905.mail.re1.yahoo.com> <49CA6754.4030302@elischer.org> <49CAC20E.3020602@telenix.org> <49CAC8FE.5050708@elischer.org> <790a9fff0903251858w713adf32n85761295e42524d3@mail.gmail.com> In-Reply-To: X-Enigmail-Version: 0.95.5 OpenPGP: id=F3DCA0E9; url=http://pgp.mit.edu Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: chat@freebsd.org, Lyndon Nerenberg Subject: Re: Telnet root login X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Mar 2009 20:07:20 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This subject hasn't for anything at all to do with current, fellas, let's move it to chat, ok? it's going to get you into public trouble. Randy Bush wrote: >>> tar cjf - . | ssh user@hostb "(cd /desired/path; tar xjf -)" >> But I can't get full wire speed with ssh; with rsh I can. > > you want security? then it costs a bit. the times i want full wire > speed are rare. the times i want security are not. A common misconception among folks is that the full 1024 (or even bigger) key is only used for figuring out who you are (called authentication), and after you've got yourself authenticated, a fast algorithm (like IDEA, but it's configureable) is what's used, for speed. You need to be doing a lot of downloading of big files in order to feel the slowdown. Yeah, you do lose a very small amount, but not too much, IDEA's pretty efficient. And that complaint about rsh, ssh is usable to pass along shell commands, just the same way. I sometimes use a command like: ssh targetmachine lpr < filetoprint when I want to put some file on my local machine into the print queue of a foreign machine. It' executes lpr on the foreign machine, and transfers the file for you. Is that the kind of stuff you want in rsh, doable in ssh? If you've ever used rcp, you have (for ssh) scp, and I've always found the command syntax pretty simple. I just don't see where the ssh tools are inferior, in actual operation. The only thing zI really need to admit is that it seems like all the man pages ever written for any security stuff, their always written in a very hard to understand way, so it's hard to get started in ssh, harder than it has to be, but it's a fantastic tool. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknL2joACgkQz62J6PPcoOmOwQCdHfQYlCSpqUAB0HCr268T38Ut C/oAn2ckv3Ik2o7fTlq9XHEUW7NTJO9p =u4g/ -----END PGP SIGNATURE-----