Date: Thu, 26 Mar 2009 15:40:42 -0400 From: Chuck Robey <chuckr@telenix.org> To: Randy Bush <randy@psg.com> Cc: chat@freebsd.org, Lyndon Nerenberg <lyndon@orthanc.ca> Subject: Re: Telnet root login Message-ID: <49CBDA3A.5010704@telenix.org> In-Reply-To: <m2prg4w9li.wl%randy@psg.com> References: <995845.90009.qm@web63905.mail.re1.yahoo.com> <E1LmSXe-000IqH-QM@clue.co.za> <49CA6754.4030302@elischer.org> <49CAC20E.3020602@telenix.org> <49CAC8FE.5050708@elischer.org> <alpine.OSX.2.00.0903251717180.28019@peregrin.local> <790a9fff0903251858w713adf32n85761295e42524d3@mail.gmail.com> <alpine.OSX.2.00.0903251859560.28019@peregrin.local> <m2prg4w9li.wl%randy@psg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This subject hasn't for anything at all to do with current, fellas, let's move it to chat, ok? it's going to get you into public trouble. Randy Bush wrote: >>> tar cjf - . | ssh user@hostb "(cd /desired/path; tar xjf -)" >> But I can't get full wire speed with ssh; with rsh I can. > > you want security? then it costs a bit. the times i want full wire > speed are rare. the times i want security are not. A common misconception among folks is that the full 1024 (or even bigger) key is only used for figuring out who you are (called authentication), and after you've got yourself authenticated, a fast algorithm (like IDEA, but it's configureable) is what's used, for speed. You need to be doing a lot of downloading of big files in order to feel the slowdown. Yeah, you do lose a very small amount, but not too much, IDEA's pretty efficient. And that complaint about rsh, ssh is usable to pass along shell commands, just the same way. I sometimes use a command like: ssh targetmachine lpr < filetoprint when I want to put some file on my local machine into the print queue of a foreign machine. It' executes lpr on the foreign machine, and transfers the file for you. Is that the kind of stuff you want in rsh, doable in ssh? If you've ever used rcp, you have (for ssh) scp, and I've always found the command syntax pretty simple. I just don't see where the ssh tools are inferior, in actual operation. The only thing zI really need to admit is that it seems like all the man pages ever written for any security stuff, their always written in a very hard to understand way, so it's hard to get started in ssh, harder than it has to be, but it's a fantastic tool. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknL2joACgkQz62J6PPcoOmOwQCdHfQYlCSpqUAB0HCr268T38Ut C/oAn2ckv3Ik2o7fTlq9XHEUW7NTJO9p =u4g/ -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49CBDA3A.5010704>