Re: IPsec vs ssh

To: Darren Reed <darrenr%netbsd.org@localhost>, NetBSD Networking Technical Discussion List <tech-net%netbsd.org@localhost>
Subject: Re: IPsec vs ssh
From: John Nemeth <jnemeth%cue.bc.ca@localhost>
Date: Sun, 10 Nov 2013 11:22:37 -0800

On Nov 11,  1:39am, Darren Reed wrote:
}
} I'm experimenting with IPsec and have found that once I have
} a tunnel working between a pair of NetBSD hosts running IPsec,
} I can no longer ssh directly from one to the other - or that
} once I load ipsec.conf, ssh sessions freeze.
} 
} The reason for this is that I suspect the SPD (ipsec.conf)
} ends up specifying that the packets for ssh between the two
} hosts are to be encrypted and wrapped up by each end point
} before being sent to the other end.

     All matching packets will be wrapped and tunneled.  However,
ssh isn't any different from any other TCP protocol in this regard.
This is NOT what's breaking ssh.  Since you didn't provide full
details, it isn't possible to determine what is wrong with your
config.

}-- End of excerpt from Darren Reed

Follow-Ups:
- Re: IPsec vs ssh
  - From: Robert Elz
- Re: IPsec vs ssh
  - From: Darren Reed

References:
- IPsec vs ssh
  - From: Darren Reed

Prev by Date: IPsec vs ssh
Next by Date: Re: IPsec vs ssh
Previous by Thread: IPsec vs ssh
Next by Thread: Re: IPsec vs ssh
Indexes:

Home | Main Index | Thread Index | Old Index