[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ssl redux
From: |
Gerhard Sittig |
Subject: |
Re: ssl redux |
Date: |
Sun, 5 Nov 2000 21:58:45 +0100 |
On Sun, Nov 05, 2000 at 09:40 -0800, Dan Kegel wrote:
>
> I need encrypted sessions, but don't want to give shell
> accounts to my cvs users.
Have you tried setting up an "anonymous" user whose only possible
command available via ssh is a (few seconds long) sleep(1)? As
long as this command is running ssh could tunnel another socket,
and will keep the connection as long as the (sleep) command is
running or the tunneled socket is in use. The sleep has to run
long enough to establish the tunnel ("port forwarding" is the
magic word you might want to search for).
I remember having seen something like this in an ISP Hookup HowTo
for encrypting POP3 sessions. Of course this needs cooperation
on the ISP's side. In your situation you're lucky enough to have
control of both sides. :>
virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76
Gerhard Sittig true | mail -s "get gpg key" address@hidden
--
If you don't understand or are scared by any of the above
ask your parents or an adult to help you.
- ssl redux, Dan Kegel, 2000/11/05
- Re: ssl redux,
Gerhard Sittig <=