Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
On Thu, May 08, 2003 at 03:22:41PM -0400, Daniel Burrows wrote:
> On Thu, May 08, 2003 at 02:54:08PM -0400, Matt Zimmerman <mdz@debian.org> was heard to say:
> > I'm pretty sure this would require a protocol change, which very much limits
> > its usefulness. I agree that it would be nice to be able to opt out of
> > encryption for the post-authentication data stream.
>
> Off the top of my head, I think you could probably do it by opening
> a second connection and using a single-shot authentication token,
> negotiatied over the SSH connection. (this wouldn't help if you were
> trying to copy files through a firewall that only accepted ssh, of course)
>
> (I'm imagining this being done by a separate program that uses ssh as
> a data transport, not by ssh itself)
This is pretty much like using ftp with the control connection tunneled over
ssh (or even ftp with GSSAPI).
--
- mdz
Reply to: