In message <[EMAIL PROTECTED]> on Mon, 2 Jul 2007 07:42:22 -0700 (PDT), David
Latil <[EMAIL PROTECTED]> said:
davidl340> being SSH is an application level protocol, I don't see why
davidl340> I could not replace the standard TCP connection that it
davidl340> uses with SSL. Why you ask? the theory is if encryption
davidl340> via SSL is secure then if you doubly encrypt using SSH then
davidl340> you are doubly secure, supposedly there is some form of
davidl340> data compression built into SSH that may be benefitial, you
davidl340> could go through the firewall friendly port 443, and you
davidl340> could use other higher level protocols through the SSH port
davidl340> forwarding feature.
Others have already responded on the dubious benefits with double
encryption. I've a question, why don't you simply set up a SSH server
that responds on port 443? Of course, if you have a HTTPS server
answering on that port, that won't work.
Honestly, it should be enough to tunnel over HTTP, using the CONNECT
method. There are already programs to help you doing the HTTP part,
for example httptunnel. The rest is a matter of writing a little
script (I have one somewhere that I'm willing to share) and a small
bit of configuration in ~/.ssh/config (which I can share as well).
That's the method you have to use anyway if you tunnel over HTTPS
(which is what you imply, it seems).
Cheers,
Richard
--
Richard Levitte [EMAIL PROTECTED]
http://richard.levitte.org/
"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
