[nycbug-talk] How secure: wireless + ssh?

Okan Demirmen okan
Tue Dec 27 15:48:09 EST 2005


On Tue 2005.12.27 at 13:37 -0500, alex at pilosoft.com wrote:
> On Tue, 27 Dec 2005, Okan Demirmen wrote:
> 
> > On Sat 2005.12.24 at 00:47 -0500, Charles Sprickman wrote:
> > > On Fri, 23 Dec 2005, Okan Demirmen wrote:
> > > 
> > > >and i'm replacing my ppp over ssh tunnels with the shinny new openssh 
> > > >native tunnels (even layer2 ones ;).
> > > 
> > > Got any pointers to a FAQ/HOWTO?  I'm really a bit behind the curve on the 
> > > new stuff that's popped into openssh the last few years...
> > 
> > /usr/src/usr.bin/ssh/README.tun
> tcp over tcp = bad juju
> 
> http://sites.inka.de/sites/bigred/devel/tcp-tcp.html

yes...this is well known, but the key is one has options. actually, this
is one reason to stay way from those xyz vendors' ssl vpns - though some
vendors are doing hybrids with ipsec now...why not just use ipsec,
vendor xyz??

anyway, back on topic - sometimes it's good to have options (ssh over
ppp or tun). for example, my corner coffee shop restricts to 80/443, but
with nc (netcat) and ssh over tun/ppp, i'm golden. this would be
considered ad-hoc - definately not something to replace ipsec....

cheers,
okan




More information about the talk mailing list