On Monday, 08/02/2004 at 08:44 AST, "Kern, Thomas" <[EMAIL PROTECTED]> wrote: > With all parts of the transaction protected by the SSL encryption, > especially the userid/password that will get validated against the CP > directory?
Yes, SSL in the context of https protects all data flowing over the connection. I should, however, point out that SSH and SSL are very different beasts. SSH is really a multiplexing encrypted transport service. One or more logical "channels" flow over it, including user authentication, an interactive shell, file transfer, and an rexec-like service (with built-in extensibility). As a general rule, unless you specifically request it, you won't get the password prompts with SSH. Instead, you use a public-private key pairing that enables the system to identify you; no password required. If you go down the path of ftp-over-http, you will need to re-implement all of the access controls imbedded in the FTP server. Ftp-over-http is commonly done in order to bypass firewalls. Of course, check with your security people before you procede to get their blessings; a sysadmin unilaterally defeating the defined security policy might be considered to be an "unforgivable offense". (Those security weasels are *such* nervous nellies.....) Alan Altmark Sr. Software Engineer IBM z/VM Development ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
