Re: Question about SSH, well duh.

• Previous message: Nico Kadel-Garcia: "Re: Mapped SCP Drive on windows"
• In reply to: Richard E. Silverman: "Re: Question about SSH, well duh."
• Next in thread: Richard E. Silverman: "Re: Question about SSH, well duh."
• Reply: Richard E. Silverman: "Re: Question about SSH, well duh."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 27 Jul 2003 21:02:05 GMT

OK that is waht I thought. So is you were posting to this group
through X newserver in order for the data to be encrypted as it comes
through the SSH Proxy, the news server would need to be SSH also. Is
that right?

ex:
SSH client > SSH Proxy >SSH New Server

Now all data is encrypted going FROM the news server TO the SSH proxy,
and then from the proxy, of course, to the client. (Right?)

On 26 Jul 2003 01:15:32 -0400, Richard E. Silverman <res@qoxp.net>
wrote:

>
>> OK that makes perfect sense. Now is it then possible to go from a SSH
>> server to yet another trusted SSH server from the client, which would
>> be like this:
>> SSH cleint>SSH Server>SSH Server and back again. This would make the
>> middle SSH Server unable to decrypt teh information, correct?
>
>It depends on what you mean by "go from." If you're doing this:
>
> A% ssh B ssh C
>
>then the data is decrypted by B and re-encrypted for transport over the
>second SSH connection. However, if you funnelled the first SSH connection
>through the second by proxying or tunnelling, then B would have no special
>vantage point with regard to the data. E.g.
>
> A% ssh -o proxycommand="ssh B nc C 22" C
>
>or
>
> A% ssh -L 1234:C:22 B
> A% ssh localhost -p 1234 -o hostkeyalias=C

• Previous message: Nico Kadel-Garcia: "Re: Mapped SCP Drive on windows"
• In reply to: Richard E. Silverman: "Re: Question about SSH, well duh."
• Next in thread: Richard E. Silverman: "Re: Question about SSH, well duh."
• Reply: Richard E. Silverman: "Re: Question about SSH, well duh."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: ssh security question ... In my case - the client is a windows client and the ssh is embedded into the windows nx client. ... Is there any reason I can't run ssh-keygen on the server and copy the private key to the client - and the public key to the "authorised" directory? ... sniffer can catch your passwords, and it would make it trivial to log in ... (SSH) Re: Publishing a SSH Server ... Your unix box cannot reply to SSH request, ... Create a client address set for your unix box (ip address from to are the ... Jim Harrison [ISA SE] ... In that case the server is a SecureNET client but still it doesn't work.... ... (microsoft.public.isa.publishing) Re: FC6 VPN ... Then you can run any application you would like off the server by simply running it, or if you want to run a whole session, use gnomesession. ... ssh client that supports X forwarding, which is want you want to be looking at. ... SSH allows you to forward any local port to any remote port. ... If you need to connect to, say a windows share, you would forward your local port to the linux server through the ssh tunnel. ... (Fedora) Re: Password less login between client & server, server & client ... password less logins on both the ssh client and ssh server. ... Login as the user that is making the connection. ... (comp.security.ssh) Re: Apache Software Foundation Server compromised, resecured. (fwd) ... this was one "result" of the comromised ssh binary at sourceforge. ... a public server of the Apache Software Foundation ... > (ASF) was illegally accessed by unknown crackers. ... > exhaustive audit of all Apache source code and binary distributions ... (FreeBSD-Security)