Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.



On Thu, 8 May 2003, Andrew Suffield wrote:
> On Thu, May 08, 2003 at 01:24:58PM +0200, Guus Sliepen wrote:

> > If you have a network that is already
> > secure (for example, behind a decent firewall, or a VPN), using ssh only
> > means lots of unnecessary overhead. The lack of security in rsh is not a
> > bug, it is just the way it is supposed to work.
The overhead cannot be ignored unless the only network traffic is text 
login sessions.  A brief test involving sending a 38MB file between two 
machines on a 100Mb network, the slower machine being a 375MHz Celery,
resulted in:
ssh transmission        : 1.6MB/s
unencrypted transmission: 8.1MB/s
A back-of-the-envelope extrapolation says that to utilize the full 
bandwidth of that 100Mb Ethernet I would need a 1.8GHz P2-class machine.
 
> Security should be end-to-end, not point-to-point. The sheer number of
> times a site has been compromised because their "secure" network
> wasn't and somebody was using rsh...
The problem is that, to be secure, it is not enough to encrypt just the 
login sessions.  All mounted filesystems, X sessions, everything, would 
have to be encrypted as well -- and that takes good modern machines just 
to enjoy that 100Mb network.
Also, if someone can subvert my firewall, I'm already screwed, and 
everything ssh can do for me is to reduce further damage.
 
> People who can create a genuinely secure network are invited to start
> a consultancy firm; they could make millions.
Whee!  Will you pay me if I tell you to keep that important private 
network not connected to the world?

Don't get me wrong... there should be a law about not using rsh outside, 
but it still should be available for places where one simply cannot afford
ssh.

1KB 
/-----------------------\ Shh, be vewy, vewy quiet,
| kilobyte@mimuw.edu.pl | I'm hunting wuntime ewwows!
\-----------------------/
Segmentation fault (core dumped)