Re: Securing ssh tunnels.
From: Darren Reed (avalon_at_caligula.anu.edu.au)
Date: 06/26/03
- Previous message: Paul Newhouse: "Re: Securing ssh tunnels."
- In reply to: Paul Newhouse: "Re: Securing ssh tunnels."
- Next in thread: Brian Hatch: "Re: Securing ssh tunnels."
- Reply: Brian Hatch: "Re: Securing ssh tunnels."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: newhouse@rockhead.com (Paul Newhouse) Date: Thu, 26 Jun 2003 14:06:06 +1000 (Australia/ACT)
In some mail from Paul Newhouse, sie said:
>
>
> I'd guess they don't want (or can't) sshd running on their firewall and can't
> figure out how to route through a secure incoming ssh connection, through
> the firewall.
I was thinking why would you do this and then I thought, shouldn't
there be an ssh proxy ? (You can all stone me for suggesting this
after you've read it ;)
The idea would be to use either an unencrypted ssh connection to a
proxy and then the proxy makes an outbound connection to the host.
The problem with this is most obviously that it interferes with the
manner in which host authentication is decided unless the proxy was
transparent (a la transparent web proxy) in nature so the client
was unaware of the MITM. Then there's got to be a problem of the
authentication being in clear text ?
Well I suppose others must have given some consideration to an ssh
proxy in the past and shot the idea down in flames already ?
Cheers,
Darren
- Previous message: Paul Newhouse: "Re: Securing ssh tunnels."
- In reply to: Paul Newhouse: "Re: Securing ssh tunnels."
- Next in thread: Brian Hatch: "Re: Securing ssh tunnels."
- Reply: Brian Hatch: "Re: Securing ssh tunnels."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
