I have a somewhat bizarre project on my plate. I have been tasked to come up
with a secure proxy of sorts that uses SSH over SSL (I mean to actually encrypt
SSH with SSL, not just tunnel through a proxy). In the end, we would be using
port forwarding over SSH for HTTP traffic.
being SSH is an application level protocol, I don't see why I could not replace
the standard TCP connection that it uses with SSL. Why you ask? the theory is
if encryption via SSL is secure then if you doubly encrypt using SSH then you
are doubly secure, supposedly there is some form of data compression built into
SSH that may be benefitial, you could go through the firewall friendly port
443, and you could use other higher level protocols through the SSH port
forwarding feature.
I'm not very experienced programming with SSL, but I'm heavily researching the
concepts at this stage, I'm a bit skeptical to say the least of the
cost/benefits of this.
I sure would appreciate if someone could tell me if this is a bad idea and why,
the more I know now at this time the better.
David
____________________________________________________________________________________
Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.
http://answers.yahoo.com/dir/?link=list&sid=396545469
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
