Pardon me, but when have ppl given me that information ?? The only hint I have about the diff between SSH and SSL is the message I replied to. When I was talking about elaborating on tunneling I was basically asking what can I do with tunneling. Neither the SSL or the SSH websites give any real hint to this, not that I have found.
Just one example: can I code a client/server applications and encrypt and do authentication with SSL/SSH tunneling ? I've no idea, not from the things I've read about those two. Yeah, SSH is a secure login and shell for a remote system. That I know. It's more than that, isn't it ?? I'm sorry if you're impatient about my post, but I don't recall people answering me and me being a nag about it all over again.. Maybe it's just my memory, but who knows.. E 23/09/02 22:52:12, Daniel Miessler <[EMAIL PROTECTED]> wrote: >> Can you elaborate more on SSL tunneling vs. SSH tunneling ? >> What are they used for and what can I do with them, and maybe >> point to some good resources ? > >Friend, like 10 people have all given you the basics on the differences, >and now you ask to be told what they are used for and what you can do >with them? > >You asked for a resource - I give you Google. > >http://www.google.com > >If you put both of your terms into Google you will get more than enough >information to help you out. Just as a friendly piece of advise though, >don't ask a question on a newsgroup, have people answer you very nicely, >and then come back and basically say, "That's nice, tell me again - this >time in more detail." It's rude. > >Good luck on your search, man. > >--danielrm26 > > >> -----Original Message----- >> From: voguemaster [mailto:[EMAIL PROTECTED]] >> Sent: Saturday, September 21, 2002 5:16 PM >> To: netsec novice; Brad Arlt >> Cc: [EMAIL PROTECTED] >> Subject: Re: Telnet/SSL v SSH >> >> Question: >> >> >> Thanks >> Eli >> >> 20/09/02 18:47:23, Brad Arlt <[EMAIL PROTECTED]> wrote: >> >> >On Thu, Sep 19, 2002 at 10:02:49PM +0000, netsec novice wrote: >> >> Can someone help me understand the difference between SSH and >Telnet over >> >> SSL? >> > >> >I will only talk about SSH v2 (and Telnet/SSL). >> > >> >On the most basic level there is little difference. SSH is a remote >> >tty encryption standard. Telnet/SSL is a remote tty encryption >> >standard. At this level the only real difference is one can find SSH >> >clients and servers. I don't think I have *ever* spotted a >Telnet/SSL >> >server. Telnet client/servers using SSL wrappers on each side, yes; >> >but never a real implimenation. >> > >> >Now I am a bit of an SSH snob, so my differences list is pretty much >> >SSH can do this and Telnet/SSL can't. >> > >> > - SSH is an encryption framework with special provisions >specifically >> > for remote logins >> > + a mechanism to pretect statistical analysis of the initial >> > password >> > + an authentication layer to allow for multiple tty sessions with >> > only one sign on >> > + multiple authentication methods and extensable authentication >> > methods that allow you to pick what is right for you >> > >> >- SSH (as implied above) is more than a single tunnle for a data >stream >> > it provides TCP tcp tunneling, X11 proxing, and TTY connections >> > through a *single* connection >> > >> >- SSH doesn't need to use PKI for it to work (some commercial >> > versions can if you like), this is nice if you don't want >> > to setup a PKI framework for remote logins >> > >> >- SSH provides a file transfer framework >> > >> >- Telnet/SSL uses, well, SSL. So if you are lucky and have hardware >> > SSL encoding/decoding Telnet/SSL will be way more efficient. >> > >> >The one saving grace of Telnet/SSL IMHO would be if you have hardware >> >SSL acceloraters, its performance will scream compared to SSH. >Crypto >> >acceloraters might level the playing field a bit, but hardware SSL >> >(those network appliances that are design to free up your web servers >> >from the burden of SSL) would still make Telnet/SSL appealing. >> > >> >This speed is only a concern, in practice, if you are transfering >large >> >amounts of data. This would include file transfers, and a large >number >> >of connections to a single machine. >> > >> >We have serveral compute servers that routinely handle 30 - 50 >> >connections without problem. Any more connections than that and the >> >server resources are strained, not from ssh, but from all the things >> >people are doing on the server (compiling, simulating the universe, >> >etc). The servers are Sun Ultra 2, with a very modest processor and >> >an OK amount of RAM. >> >>----------------------------------------------------------------------- >> > __o Bradley Arlt Security Team >Lead >> > _ \<_ [EMAIL PROTECTED] University Of >Calgary >> >(_)/(_) I should be biking right now. Computer Science >> > >> > >> "There's so many different worlds >> So many different suns >> And we have just one world >> But we live in different ones.." >> >> - Dire Straits > "There's so many different worlds So many different suns And we have just one world But we live in different ones.." - Dire Straits
