Just for the records, we (Adiscon - WinSyslog, MonitorWare, rsyslog) do not plan to support SSH either. We plan native TLS first in rsyslog and later in the Windows product. I guess we'll try to make it compatible to syslog-ng no matter if this will be an IETF or industry standard. I expect this to be fairly easy (AFIK our products interoperate via the stunnel hack over SSL).
Rainer > -----Original Message----- > From: Balazs Scheidler [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 11, 2006 3:40 PM > To: Chris Lonvick > Cc: Rainer Gerhards; [EMAIL PROTECTED] > Subject: Re: SSH - RE: [Syslog] Re: Threat model and charter > > On Wed, 2006-01-11 at 06:29 -0800, Chris Lonvick wrote: > > Hi, > > > > I forgot to address the use of SSH for authentication. The > isms WG is > > trying to use SSH to provide security for SNMPv3. This can > be done by > > having the devices authenticate by having a username and credential > > (password, public key, etc.). Again, this sounds to me > like it's getting > > further away from the ease of deployment for syslog than we'd like. > > However, Rainer mentioned that he thought some people were > already using > > SSH to transport syslog. I need to ask: How many people have > > implementations that use SSH, and how many are planning this? > > I for one (syslog-ng) don't plan to add native support to > SSH, although > SSH can be integrated into syslog-ng by using the program destination, > something like this: > > program("ssh -i /etc/syslog-ng/ssh.key [EMAIL PROTECTED] > /usr/bin/logger -f"); > > However I don't see this as a very good solution. On the > other hand I'm > planning on adding TLS natively (instead of using stunnel > style hacks). > > -- > Bazsi > > _______________________________________________ Syslog mailing list [email protected] https://www1.ietf.org/mailman/listinfo/syslog
