On Wed, Dec 20, 2000 at 04:47:29AM -0800, opentrax@email.com wrote:
> 
> 
> My understanding is "tunnel", as a concept in SSH, is a feature
> of port forwarding. This seems like a good feature, but something
> that is rarely usable. Am I mistaken?

Define "rarely". As long as you can ssh in a server, you can use this.
This is very handy for e.g. laptop users, to use internal resources
from the outside (smtp, pop3, intranet www server, ...)

> > Yes, if the remote end supports ipsec.
> > 
> Yes, but isn't that the same requirement from SSH?
> That both ends support SSH (1 or 2 or both).

ssh is userland-only and so can run on any platform with a C compiler and
sokets (you even have ssh servers for NT :). IPsec needs kernel support,
which requires more than "download sources and compile".

--
Manuel Bouyer <bouyer@antioche.eu.org>
--