[lug] VPN or SSH for cvs?
Jonathan Briggs
zlynx at acm.org
Wed Nov 21 14:21:56 MST 2001
D. Stimits wrote:
>So maybe I should be asking something different...can ssh be used over a
>port to turn it into a network route that is of general use, and not a
>dedicated-one-application port? To have ssh emulate a network interface.
>Then I'd try to find (maybe this won't work) a way to make ssh use the
>named route and no other route.
>
This would be a job for IPsec, which is designed to create encrypted
network routes.
Check out FreeS/WAN:
http://www.freeswan.org
But even if you were running SSH over an IPsec link or found a way to
make an SSH tunnel for SSH, it would still ask you for a password. So
I'm not sure what you would gain from this. To me, using public/private
keys and ssh-agent sounds like the right way to go. This really is the
same effect as if you were leaving an SSH tunnel open. If you leave
your keyboard open, anyone could come by and use your open tunnel, so
using ssh-agent is the same amount of risk.
More information about the LUG
mailing list