[rc5] An Idea for the V3 protocol : ssh !

Josh Goins joshg at newwave.net
Mon Oct 27 16:49:03 EST 1997


Jo Hermans wrote:
> 
> Has somebody thought about using the ssh-protocol for the communication
> between clients and servers ?
> 
> I know that most of you think "ssh - but that's for an encrypted version
> of rsh !", but that's not the whole truth. The ssh-protocol can be used
> for any kind of communication, it will encrypt the whole datastream. If
> correctly configured, it can be used to verify the remote host with
> passwords and even public/private keys. [yep, using the same RC5-56 !].
> For some sites, it could be the only way trough a firewall, when for
> example the telnet and rsh ports are closed. Bovine uses the http-ports
> currently, which is fine, even when proxies have to be used (well, if it
> finally works ofcourse :). Most sites will open these ports anyway, one
> way or another. But for some sites, I can imagine that administrators
> ask for better identification. And if V3 clients are able to use some
> kind of encrypted communication, that's a plus for me. I don't want to
> have people snoop these messages, because some of them can contain
> sensitive information.
> 
> Ofcourse, signing all messages (like in ActiveX and Java-applets) would
> be a very good step too.
> 
> --
> Jo Hermans

There is an excellent article on the ssh protocal in the November
issue of Linux Journal <http://www.linuxjournal.com>.
--
Denying millions of law-abiding people the use of a legitimate 
and increasingly necessary security product for "law enforcement" 
reasons is like banning deadbolt locks because they make it a 
little harder to kick down the doors of a few drug dealers.

                           CONRAD BURNS,
                           U.S. Senator (R-Mont.),
                                from a letter to the Washington Post
----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list