From owner-freebsd-security  Tue Oct  3  1:16:58 2000
Delivered-To: freebsd-security@freebsd.org
Received: from eastwood.aldigital.algroup.co.uk (eastwood.aldigital.algroup.co.uk [194.128.162.193])
	by hub.freebsd.org (Postfix) with ESMTP id 4703C37B502
	for <freebsd-security@FreeBSD.ORG>; Tue,  3 Oct 2000 01:16:54 -0700 (PDT)
Received: from algroup.co.uk ([193.195.56.225]) by eastwood.aldigital.algroup.co.uk (8.8.8/8.6.12) with ESMTP id IAA05958; Tue, 3 Oct 2000 08:16:24 GMT
Message-ID: <39D995D8.14DD0721@algroup.co.uk>
Date: Tue, 03 Oct 2000 09:16:24 +0100
From: Adam Laurie <adam@algroup.co.uk>
Organization: A.L. Group plc
X-Mailer: Mozilla 4.72 [en] (Win95; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Matt Dillon <dillon@earth.backplane.com>
Cc: Garance A Drosihn <drosih@rpi.edu>, freebsd-security@FreeBSD.ORG
Subject: Re: Proposed minor mod to openssh for interactive operation
References: <200009300023.e8U0NUW20137@earth.backplane.com> <v04210103b5fe97d648bf@[128.113.24.47]> <200010030000.e9300o311655@earth.backplane.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Matt Dillon wrote:
> 
> :>    two programs interactively.
> :>    That is, send command, wait response, send command, wait
> :>    response.  Delaying packets is a bad idea and cuts
> :>    performance over the link by about 20%.
> :
> :Would it be more appropriate to use stunnel (in ports) instead
> :of an ssh connection for your application?
> :
> :(I'm just wondering...)
> :---
> :Garance Alistair Drosehn           =   gad@eclipse.acs.rpi.edu
> 
>     No, ssh provides the authentication mechanism as well as the
>     secure link trivially.  Besides, both rsh and ssh were designed
>     for two-way operation so presumably they should actually do it
>     in a reasonably optimal manner when two-way operation is requested.

stunnel can do authentication just as trivially...
http://www.stunnel.org/faq/certs.html#ToC10

cheers,
Adam
--
Adam Laurie                   Tel: +44 (20) 8742 0755
A.L. Digital Ltd.             Fax: +44 (20) 8742 5995
Voysey House                  http://www.thebunker.net
Barley Mow Passage            http://www.aldigital.co.uk
London W4 4GB                 mailto:adam@algroup.co.uk
UNITED KINGDOM                PGP key on keyservers


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message