Subject: Re: ssh - are you nuts?!?
To: None <>
From: None <>
List: tech-security
Date: 12/20/2000 05:05:42
On 17 Dec, Warner Losh wrote:
> In message <> writes:
> : How is TCP tunneling useful?
> It allows you to have a secure connection between two endpoints on the
> internet that might not otherwise be able to connect.  I use it to
> grab my pop mail from a heavily firewalled server when I'm on the
> road.  Just crank up my ssh session to the main machine (with a tunnel
> from port 119 on the local machine to port 119 on, then
> tell my pop client to go to localhost instead of  ssh can
> be configured to disallow connections to that port from outside of my
> machine, so I have a high degree of confidence that no one else is
> using that connection if I'm the only one on the machine.
Are you suggesting that under certain conditions - your
degree of confidence might be lower. If so, can you name some of
those conditions?

> For protocols like pop where you have plain text passwords, this sort
> of automatic armoring is a big win until such time as real
> authentication for pop can be implemented and standardized.
I've gotten this from a few people. That is they state that
SSH is kind of a patch, until something better comes along.
Do you feel that way also?