Re: looking for hardware SSH Port Forwarding devices
From: Shawn Giese (shawngiese_at_bluemail.ch)
Date: Fri, 1 Aug 2003 09:49:13 +0200
Well, of course anyone can download openssh binaries and roll their own
server for free.
Regarding our product, yes it has the SSH server rolled into its embedded
Linux with AES encryption and Public key or username/password
authentication. Remote clients are needed to get in but it is a cheaper
client solution than IPSec because the clients
1) are free in many cases
2) are very light weight that even PalmOS, WinCE, or the Nokia 9200 series
super-phone have clients for them
The benefit of having it in one device,
1) our configuration is much simpler than raw Linux server administration
2) it is integrated with the firewall so that SPI rules can be made to limit
access to the network
3) its the size of 2 palm pilots, one on top of the other.
"Richard E. Silverman" <firstname.lastname@example.org> a écrit dans le message de
> >>>>> "SG" == News-Bluewin <email@example.com> writes:
> SG> Hello, I am the technical writer for a company making embedded
> SG> Linux Firewalls (www.apliware.com) and we just added SSH Port
> SG> Forwarding to our latest firmware. I was trying to make a
> SG> comparison to other products but I can only find
> SG> software... OpenSSH, SecureShell, F-Secure, Vshell.
> SG> Does anyone know of some actual hardware firewall products that do
> SG> this?
> I don't know why you're drawing this distinction -- a standard Intel box
> with a disk running OpenBSD and OpenSSH is just as much software running
> on hardware as your product; just because yours is smaller and doesn't
> have a disk doesn't make it any more "actual hardware." And plenty of
> people use exactly such a machine instead of a product like yours.
> Also, it's not clear what exactly you mean by "adding SSH Port Forwarding"
> to such a product. Do you mean that you have an SSH server in it, allow
> connections to it via SSH from the external network, and have now added
> the ability to do port forwarding over such a connection?
> Richard Silverman