Re: Securing ssh tunnels.
From: Chuck Milam (chuck_at_milams.net)
Date: 06/25/03
- Previous message: Andrew McCall: "sftp Newbie Questions!"
- In reply to: Darren Reed: "Securing ssh tunnels."
- Next in thread: Darren Reed: "Re: Securing ssh tunnels."
- Reply: Darren Reed: "Re: Securing ssh tunnels."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 25 Jun 2003 09:53:28 -0500 (CDT) To: secureshell@securityfocus.com
On Wed, 25 Jun 2003, Darren Reed wrote:
> In a recent encounter with another company, we attempted to get ssh
> access through their firewall but got turned down because it was too
> insecure.
I think perhaps the term "too insecure" is not quite right here. In
actuality, what they are saying is that SSH is TOO SECURE, so they can't
spy on what is traversing their networks.
> ie. with ssh tunneling there is very little real access control on
> network data between the two systems and unlike plain text protocols
> which can be proxied to ensure correctness of content, this is not
> possible with ssh tunnels.
>
> Has anyone else come across this sort of reasoning ?
Sounds like something my former manager would have dreamed up. ;-)
What exactly does "correctness of content" mean here?
It reality, this seems to be a "people problem" / trust issue.
> Mind you, I don't dispute it, it's just inconvenient.
In my opinion, it's silly, and should be disputed.
-- Chuck Milam chuck@milams.net
- Previous message: Andrew McCall: "sftp Newbie Questions!"
- In reply to: Darren Reed: "Securing ssh tunnels."
- Next in thread: Darren Reed: "Re: Securing ssh tunnels."
- Reply: Darren Reed: "Re: Securing ssh tunnels."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
