On Wed, 15 Aug 2001, Brian Hatch wrote:

> Wait, are you saying that you'd rather have your machines
> able to log into each other to set up an SSH tunnel rather
> than writing a protocol that uses SSL? SSL != HTTPS. Either

Yes. Your SSL listener will need to allow connections, check pub/priv key authentication, possibly change UID/GID based on which key, and then send data to some command (or handle it internally). This is *exactly* what SSH does, and it is already written and well-tested code. Note that SSH is *NOT* required to run a shell (or even allocate a pty).

> Now none of this requires that either machine can SSH to the other.

I don't see the problem with allowing a machine to ssh to another machine. I *do* see a problem with allowing machines to automatically get shells on other boxes, and that is what should be stopped.

-Peff
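Added example, not part of the original post: a small auditor for an OpenSSH `authorized_keys` file that flags keys able to reach a shell, a pty or port forwarding, which is the distinction the message draws between "can ssh" and "can get a shell". The `recv-logs` path, the key comments and the key blobs are constructed placeholders, and the `restrict` option assumes a reasonably recent OpenSSH.

```python
import re

# One option: name, optionally =value; a quoted value may hold spaces, commas and \" escapes.
OPT = re.compile(r'([A-Za-z][A-Za-z0-9-]*)(?:=("(?:\\.|[^"\\])*"|[^,\s"]*))?')
KEY_TYPES = ("ssh-", "ecdsa-", "sk-")  # prefixes that start the key-type field

def split_options(line):
    """Split one authorized_keys line into (options dict, remainder)."""
    if line.startswith(KEY_TYPES):
        return {}, line                      # no options field at all
    opts, i = {}, 0
    while True:
        m = OPT.match(line, i)
        if not m:
            raise ValueError("malformed options field: %r" % line)
        name, val = m.group(1).lower(), m.group(2)
        if val and val.startswith('"'):
            val = val[1:-1].replace('\\"', '"')
        opts[name] = True if val is None else val
        i = m.end()
        if i < len(line) and line[i] == ",":
            i += 1
            continue
        return opts, line[i:].strip()

def audit(text):
    """Return [(line number, key comment, [problems])] for keys that are not locked down."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opts, rest = split_options(line)
        restricted = "restrict" in opts      # 'restrict' disables pty and forwarding together
        problems = []
        if "command" not in opts:
            problems.append("no forced command")
        if "pty" in opts or not (restricted or "no-pty" in opts):
            problems.append("pty allowed")
        if "port-forwarding" in opts or not (restricted or "no-port-forwarding" in opts):
            problems.append("port forwarding allowed")
        if problems:
            parts = rest.split()
            findings.append((lineno, parts[2] if len(parts) > 2 else "(no comment)", problems))
    return findings

SAMPLE = """# constructed entries; key blobs and the recv-logs command are placeholders
command="/usr/local/bin/recv-logs --from web1, dmz",no-pty,no-port-forwarding ssh-ed25519 AAAAEXAMPLE1 logpush@web1
ssh-rsa AAAAEXAMPLE2 backup@db1
restrict,command="/usr/local/bin/recv-logs" ssh-ed25519 AAAAEXAMPLE3 logpush@web2
command="/usr/local/bin/recv-logs" ssh-ed25519 AAAAEXAMPLE4 logpush@web3
"""
```

Calling `audit(SAMPLE)` reports the unrestricted `backup@db1` key and the `logpush@web3` key, which has a forced command but still permits a pty and port forwarding.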
This archive was generated by hypermail 2b30 : Thu Aug 16 2001 - 12:30:45 PDT