[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssl redux

From: Gerhard Sittig
Subject: Re: ssl redux
Date: Sun, 5 Nov 2000 21:58:45 +0100

On Sun, Nov 05, 2000 at 09:40 -0800, Dan Kegel wrote:
> I need encrypted sessions, but don't want to give shell
> accounts to my cvs users.

Have you tried setting up an "anonymous" user whose only possible
command available via ssh is a (few seconds long) sleep(1)?  As
long as this command is running ssh could tunnel another socket,
and will keep the connection as long as the (sleep) command is
running or the tunneled socket is in use.  The sleep has to run
long enough to establish the tunnel ("port forwarding" is the
magic word you might want to search for).

I remember having seen something like this in an ISP Hookup HowTo
for encrypting POP3 sessions.  Of course this needs cooperation
on the ISP's side.  In your situation you're lucky enough to have
control of both sides. :>

virtually yours   82D1 9B9C 01DC 4FB4 D7B4  61BE 3F49 4F77 72DE DA76
Gerhard Sittig   true | mail -s "get gpg key" address@hidden
     If you don't understand or are scared by any of the above
             ask your parents or an adult to help you.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]