Re: Is a SSH tunnel for accessing POP3 over SSL really a safe solution?
From: Richard E. Silverman (res_at_qoxp.net)
Date: 09/19/05
- Next message: phyzlo_at_yahoo.com: "Re: No shell only forwarding"
- Previous message: ishapian: "Is a SSH tunnel for accessing POP3 over SSL really a safe solution?"
- In reply to: ishapian: "Is a SSH tunnel for accessing POP3 over SSL really a safe solution?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 19 Sep 2005 12:31:25 -0400
>>>>> "TG" == ishapian <tomas.gold@gmail.com> writes:
TG> Hi, I haven't found yet a satisfactory answer to the following
TG> situation. Due to a restrictive firewall on our campus network, I
TG> can't connect to POPS on my mailserver. What I do is that I set up
TG> a SSH tunnel using a server somewhere outside (different from the
TG> mailserver) to have my emails downloaded. What I am concerned
TG> about is the security of this solution.
TG> The communication between localhost and the server is secured
TG> (SSH) as well as the connection between the server and the
TG> mailserver (POP3 over SSL). But I wonder how safe are the data on
TG> the server itself?
TG> I think that the server has to decrypt the incoming transmission
TG> from mailserver and then encrypt it and send it over SSH.
No -- the SSH server does not decrypt anything coming from the mail
server. The SSL session is between your mail client and mail server; SSH
does not know or care about it. Since your POP connection is protected
end-to-end by SSL, you are reasonably safe.
-- Richard Silverman res@qoxp.net
- Next message: phyzlo_at_yahoo.com: "Re: No shell only forwarding"
- Previous message: ishapian: "Is a SSH tunnel for accessing POP3 over SSL really a safe solution?"
- In reply to: ishapian: "Is a SSH tunnel for accessing POP3 over SSL really a safe solution?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
