Aran Cox writes:
> On Tue, Jan 30, 2001 at 05:53:07PM -0500, Bob Babcock wrote:
> > > Like my the subject states; Can SSH be used just for encrypted
> > > authentication and then let the rest of the session be unencrypted?.
> >
> > I'd like to be able to do this too, but it would be easy to get in trouble.
> > Say you ssh from machine A to machine B, then from B you ssh to machine C.
> > If only the authentication is encrypted, you've just sent your login
> > information for machine C over the A-to-B link unencrypted.
>
> Why wouldn't you want to encrypt the entire session? Are your machines
> so slow that it's actually an issue? ssh makes it just as easy to
> encrypt everything, so why mess with a Good Thing?
>
This is a very useful thing for backup/recovery, where we e.g.
use the rsh-protocol and would like to switch to ssh, but it
is impossible to encrypt/decrypt gigabytes of data. Furthermore
it is on an internal network, so snooping data is never the
problem, but as long as rsh is an allowed protocol, you need
to rely on other methods to avoid usage of rsh for other
things, than just the backup/restore. So it is a very useful
thing to encrypt only the authentication.
Mit freundlichen Grüßen
Andreas Schott.
----------------------------------------------------------------
http://www.rzg.mpg.de/~ays | :-O Wissen ist Macht!
email: [EMAIL PROTECTED] | 8-( Ich weiß nichts.
phone/fax: +49 89 3299-2180/1301 | ;-> Macht auch nichts.
