From owner-freebsd-questions@FreeBSD.ORG Tue May 3 15:01:33 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7966A1065670 for ; Tue, 3 May 2011 15:01:33 +0000 (UTC) (envelope-from jon@radel.com) Received: from wave.radel.com (wave.radel.com [216.143.151.4]) by mx1.freebsd.org (Postfix) with ESMTP id 35A168FC13 for ; Tue, 3 May 2011 15:01:32 +0000 (UTC) Received: by wave.radel.com (CommuniGate Pro PIPE 4.1.6) with PIPE id 10158367; Tue, 03 May 2011 11:01:32 -0400 Received: from [192.168.43.232] (account jon@radel.com HELO gravenstein.local) by wave.radel.com (CommuniGate Pro SMTP 4.1.6) with ESMTP-TLS id 10158365 for freebsd-questions@freebsd.org; Tue, 03 May 2011 11:01:23 -0400 Message-ID: <4DC018C5.6000102@radel.com> Date: Tue, 03 May 2011 11:01:25 -0400 From: Jon Radel User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.15) Gecko/20110303 Thunderbird/3.1.9 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <4DC00FB5.7080306@msen.com> In-Reply-To: <4DC00FB5.7080306@msen.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Radel.com-MailScanner-Information: Please contact Jon for more information X-Radel.com-MailScanner: Found to be clean X-Mailer: CommuniGate Pro CLI mailer Subject: Re: OT: Security question (openssl vs openssh) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 May 2011 15:01:33 -0000 On 5/3/11 10:22 AM, Mark Moellering wrote: > > Everyone, > I am looking into setting up a webserver to hold some very sensitive > information. I am trying to figure out which is more secure, forcing any > web connections to be done using an ssh tunnel or forcing ssl. > I have not been able to figure out if one is definitively much more > secure than another or if they are close to the same. I would have > initially thought the ssh tunnel was more secure but knowing that ssl > can use AES-256, I am now wondering if that isn't adding a complexity > for little extra security. > > Thanks in advance > > Mark Moellering I'd say that that's a really hard problem to answer definitively, but my gut reaction is that the less complex solution is less likely to involve configuration screw-ups which compromise security. Particularly if other administrators are or will be involved, that which is too clever just begs for innocent, even if clueless, changes that compromise assumptions upon which the security depends. In any case, I'd worry more about how I handle user authentication and authorization than squeezing the last little drop of warm fuzzies out of the encryption setup. To the extent that if you already have a fully trusted infrastructure in place for ssh keys, you might want to consider using ssh tunnels for that reason alone. Or, to put it another way, if your security is going to fall, it's much more likely that it's going to involve a poor configuration choice, a user that screws up big time, or a "back door" to the data, than a successful "technical" attack against TSL or SSH. --Jon Radel jon@radel.com