[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.

On Thu, May 08, 2003 at 03:22:41PM -0400, Daniel Burrows wrote:

> On Thu, May 08, 2003 at 02:54:08PM -0400, Matt Zimmerman <mdz@debian.org> was heard to say:
> > I'm pretty sure this would require a protocol change, which very much limits
> > its usefulness.  I agree that it would be nice to be able to opt out of
> > encryption for the post-authentication data stream.
> 
>   Off the top of my head, I think you could probably do it by opening
> a second connection and using a single-shot authentication token,
> negotiatied over the SSH connection.  (this wouldn't help if you were
> trying to copy files through a firewall that only accepted ssh, of course)
> 
>   (I'm imagining this being done by a separate program that uses ssh as
>    a data transport, not by ssh itself)

This is pretty much like using ftp with the control connection tunneled over
ssh (or even ftp with GSSAPI).

-- 
 - mdz
Reply to: