[ On Monday, March 11, 2002 at 13:10:22 (-0800), Bill Studenmund wrote: ]
> Subject: Re: FreSSH
>
> Well, you can have strong crypto (using the defenition you used later in
> the thread) without encrypting the data connection. Consider two hosts
> that use IPSec w/ ESP in transport mode. It's kinda silly to have ssh
> encrypt data and then have ESP encrypt it also.

Well it may not be quite that silly to double-encrypt, though I'm not
sure whether it would amount to anything more than another layer of
obscurity that might easily made transparent by certain types of attacks
against SSH that don't involve breaking the encryption key in order to
reveal enough about the content to make things interesting.....

> Note also I'm not saying everyone should do that, or that ssh's encryption
> should be removed. Just that there can be some safe & sane uses of
> cleartext.

In your scenario above I believe it would, for SSH alone, make more
sense from a security perspective to to do the encryption in SSH than in
IPSec with ESP.  In tunnel mode though the performance implications may
outweigh the security concerns, esp. if the IPSec router's encryption
throughput is hardware enhanced and potentially "stronger" (more key
bits, more frequent session key renegotiations, etc.).

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods@acm.org>;  <g.a.woods@ieee.org>;  <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>