Re: DICOM on SSH?

SpreadTooThin wrote:

Yep makes sence.. If I had thought about it for more than 30 seconds I
would have
done a man sshd.
Now.. because its medical data.. There are rules that need to be
followed.. and for whatever
reason ssh is not 'ethical'. It would appear that one needs ssl/tsl.

That rule makes *NO* sense. I can see insisting on SSL for consistency
reasons, rather than insisting that vendors support multiple encryption
protocols, and there's a whole fascinating set of laws about exporting
encryption tools in software as a "munition", making it illegal to ship to
Cuba and some other countries from the US. Can you point us to this medical
data policy or regulation? It sounds very odd indeed.

Anyhow for anonymouse data ssh should be ok. What is the method for
setting up sshd
for this application?

TIA from a newbie.

For anonymous data, for an interactive application like medical imaging
software? Why would you bother using an encrypted protocol at all?

Either way, if you want to keep things simple, it should be straghtforward
to set up SSH or SSL to use a tunneled port: that way, a port 104 client on
your local machine can be transmitted to a port 104 service on the server
over an encrypted SSH or SSL link to the server. You lose some logging that
way, but goodness knows I've done this to access expensive, licensed
software remotely.

In fact, roughly 15 years ago, I urged the use of VNC or, if necessary, VNC
over SSH to provide remote access to CT software on a very expensive server,
instead of paying $10,000 for antoerh turnkey SGI system with the very
expensive software. I think only a few researchers used it, without the
formal agreement of the department manager, but I still thought it was a
good idea.


.

Relevant Pages

  • Re: DICOM on SSH?
    ... reason ssh is not 'ethical'. ... encryption tools in software as a "munition", making it illegal to ship to ... But ssh and sshd do support tls don't they? ...
    (comp.security.ssh)
  • Re: [fw-wiz] Communication Device Protocols from External router directthrough Firewall
    ... TACACS is not. ... will get to SSH in a second)? ... or ACS should be on a DMZ ... Im sorry but why would you even say this as encryption between the firewall ...
    (Firewall-Wizards)
  • Re: ssh with tcp_wrappers!! contd/-
    ... Thanks a lot for such a huge response, of course typing mistake, i was using DenyHost not DenyGhost; as suggested by david and others i did this, ... Login, as root, to my Linux system containing the sshd server. ... i am not willing to compile openssh package is there any way out via rpm installation. ... Then try to ssh to localhost. ...
    (RedHat)
  • Re: use ipchains to block all ports > 60,000
    ... else going on here except sshd which allows me to log in and monitor the ... Telnet not running but here's the ouput of ssh -V and sshd -V ... OK, ran that from an external box and it showed open ports 22, 80, plus ... My ISP looked for evidence of massive scans emanating from my ip address ...
    (comp.os.linux.security)
  • Re: Encryption of printer files
    ... You have hit on one of the under-mentioned aspects of security. ... CUPS seems to have some encryption capability. ... through an SSH session. ... there is web-server based printing. ...
    (comp.unix.sco.misc)