On 2/11/11 3:22 PM, Robert Goley wrote: > It does have some complications. Most software seems to use a GPL > disclaimer/exception when using it. The libssh library is released LGPL > though. If it can be used with GNUTLS, that should solve that issue.
Not really, because as mentioned previously, GnuTLS is about 1/3 as fast as OpenSSL. Also, I don't understand the advantage of using libssh/GnuTLS vs. just using GnuTLS like we're already doing. The only advantage I could see to that would be in cases where there is a restrictive firewall and only the SSH port is open. I would get on board with using libssh if and only if: (1) It replaces GnuTLS as a way to do session encryption, not supplements it. (2) It offers a fundamentally more user-friendly approach to SSH session encryption (such as providing a single sign-on to both the SSH server and the VNC server.) and (3) It performs as well as using the external SSH client. Really, I see the -via option as a convenience feature, nothing more. It's a way for Unix users to avoid typing the SSH forwarding command line by hand. It's not part of a comprehensive session encryption function. ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ Tigervnc-devel mailing list Tigervnc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
