In message <[EMAIL PROTECTED]> on Thu, 19 Jan 2006 11:03:09 -0800, "Chong Peng" <[EMAIL PROTECTED]> said:
ChongPeng> if you google "ssl and ssh", you will find a few pages ChongPeng> regarding this issue, such as: ChongPeng> ChongPeng> http://www.snailbook.com/faq/ssl.auto.html ChongPeng> http://www.rpatrick.com/tech/ssh-ssl/ ChongPeng> ChongPeng> but all in all, what ssl accomplishes can be done by ssh ChongPeng> and what ssh accomplishes can be done by ssl. it seems to ChongPeng> me that this is just another example of complicities ChongPeng> (confuses) created by human. There are quite a few perspectives from which to answer: Trust: the trust model differs. SSL uses the X.509 model, which is an authority hierarchy (roughly, there's actually a lot more to say about it). SSH uses a much more personal style, where the individual user is responsable for his keys and how they are to be used and authenticated. Cryptographic security: there's not really a lot of difference between the two in this respect. They use methods for key exchange and data encryption that are fairly similar to each other. Interface: SSH and SSL are widely different in this respect. SSH works as an application that you can call and tunnel whatever you wish through, while SSL comes as a library of routines to use instead of your usual network calls. However, there are SSL applications that provide the same kind of functionality as SSH; stunnel provides tunneling, stelnet provides secure remote login. There are probably other perspectives that I forget... Cheers, Richard -- Richard Levitte [EMAIL PROTECTED] http://richard.levitte.org/ "When I became a man I put away childish things, including the fear of childishness and the desire to be very grown up." -- C.S. Lewis ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
