From owner-freebsd-security  Mon Oct  2 17: 1: 8 2000
Delivered-To: freebsd-security@freebsd.org
Received: from earth.backplane.com (placeholder-dcat-1076843290.broadbandoffice.net [64.47.83.26])
	by hub.freebsd.org (Postfix) with ESMTP id 6E78237B502
	for <freebsd-security@FreeBSD.ORG>; Mon,  2 Oct 2000 17:01:06 -0700 (PDT)
Received: (from dillon@localhost)
	by earth.backplane.com (8.11.0/8.9.3) id e9300o311655;
	Mon, 2 Oct 2000 17:00:50 -0700 (PDT)
	(envelope-from dillon)
Date: Mon, 2 Oct 2000 17:00:50 -0700 (PDT)
From: Matt Dillon <dillon@earth.backplane.com>
Message-Id: <200010030000.e9300o311655@earth.backplane.com>
To: Garance A Drosihn <drosih@rpi.edu>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Proposed minor mod to openssh for interactive operation
References: <200009300023.e8U0NUW20137@earth.backplane.com> <v04210103b5fe97d648bf@[128.113.24.47]>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


:>    two programs interactively.
:>    That is, send command, wait response, send command, wait
:>    response.  Delaying packets is a bad idea and cuts
:>    performance over the link by about 20%.
:
:Would it be more appropriate to use stunnel (in ports) instead
:of an ssh connection for your application?
:
:(I'm just wondering...)
:---
:Garance Alistair Drosehn           =   gad@eclipse.acs.rpi.edu

    No, ssh provides the authentication mechanism as well as the
    secure link trivially.  Besides, both rsh and ssh were designed
    for two-way operation so presumably they should actually do it
    in a reasonably optimal manner when two-way operation is requested.

						-Matt


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message