Steven Van Ingelgem <[email protected]> writes:

> 2009/10/15 Peter Stuge <[email protected]>
>
>> Steven Van Ingelgem wrote:
>> > I have been looking on how to encrypt an existing TCP stream
>> > through libssh2, but I seem not to be able to find one?
>>
>> I don't know what you mean by "existing" - that implies trying to
>> splice an established TCP connection in some way, and there isn't
>> really any library for that anywhere, except maybe in Dan Kaminsky's
>> home directory.
>>
>> Check what libssh2_channel_direct_tcpip() does. Maybe it works for
>> you.
>>
>> There is more that can be done with TCP in SSH2 than what is
>> implemented in libssh2 so please send patches if you improve the
>> library.
>>
>
> What I want to say is that if I have an established TCP connection (as in an
> integral "socket"), that I want to drop an encryption layer on top of it.
> direct_tcp would be good wouldn't it be that you need an established
> session, for which you do need to be authenticated...
> Also direct_tcp requests a host/port combination... And I would layer it on
> top of an existing socket.

SSH isn't normally used that way, but TLS is often used that way (see
the STARTTLS features in SMTP or IMAP) so you may want to look at using
a TLS library instead. Is there any particular reason why you would
want to use SSH instead of TLS? It would be technically possible to
achieve this with SSH too, but without understanding more about your
use-case, I suspect TLS is more appropriate.

/Simon
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
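
Added example, not part of the original thread or of libssh2: the STARTTLS-style approach mentioned in the reply above, layering TLS onto an already connected socket with Python's ssl module. The one-line STARTTLS/OK exchange is a made-up protocol, the socketpair stands in for the established TCP connection, and the throwaway certificate assumes the openssl command-line tool is installed.

```python
import os, socket, ssl, subprocess, tempfile, threading

def read_line(sock):
    # One byte at a time: never read past the plaintext reply into TLS records.
    buf = b""
    while not buf.endswith(b"\r\n"):
        byte = sock.recv(1)
        if not byte:
            raise ConnectionError("peer closed during plaintext phase")
        buf += byte
    return buf

def client_upgrade(sock, ca_file, hostname):
    """Negotiate in the clear, then run TLS over the same connected socket."""
    sock.sendall(b"STARTTLS\r\n")                    # hypothetical upgrade command
    if not read_line(sock).startswith(b"OK"):
        raise ConnectionError("upgrade refused")     # fail closed, no cleartext fallback
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)    # certificate and hostname checks on
    ctx.load_verify_locations(ca_file)
    return ctx.wrap_socket(sock, server_hostname=hostname)

def server_upgrade(sock, cert, key):
    if read_line(sock) != b"STARTTLS\r\n":
        return sock.close()
    sock.sendall(b"OK\r\n")
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.load_cert_chain(cert, key)
    with ctx.wrap_socket(sock, server_side=True) as tls:
        tls.sendall(b"echo:" + tls.recv(1024))       # only ever sent inside TLS

def demo():
    with tempfile.TemporaryDirectory() as d:
        key, cert = os.path.join(d, "key.pem"), os.path.join(d, "cert.pem")
        # Constructed throwaway self-signed certificate (assumes the openssl CLI).
        subprocess.run(["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-keyout", key,
                        "-out", cert, "-days", "1", "-subj", "/CN=localhost",
                        "-addext", "subjectAltName=DNS:localhost"], check=True, capture_output=True)
        a, b = socket.socketpair()                   # stands in for an established TCP socket
        a.settimeout(10)
        t = threading.Thread(target=server_upgrade, args=(b, cert, key))
        t.start()
        with client_upgrade(a, cert, "localhost") as tls:
            tls.sendall(b"hello")
            result = (tls.recv(1024), tls.version())
        t.join()
    return result

if __name__ == "__main__":
    print(demo())
```

The client trusts only the file passed as ca_file and checks the peer name, so the upgrade fails rather than continuing unencrypted or unauthenticated.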
