Re: scp -S, sftp -S
This is a discussion on Re: scp -S, sftp -S within the OpenSSH Development forums, part of the Networking and Network Related category; > [...] > If you have pubkey auth then it's pretty much transparent. > > You pay a price in ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-04-2005
|
|||
|
|||
Re: scp -S, sftp -S
> [...]
> If you have pubkey auth then it's pretty much transparent. > > You pay a price in multiple encryption (although you can mitigate this > by specifying a fast cipher like arcfour for the intermediate hops.) > > One day I'd like ssh to learn how to establish a single port forward and > pass the traffic to and from stdin/stdout, which would remove the need > to have connect/nc on the intermediate hosts (and the modified ssh would > only be required on the client end). I see. That would be nice. But why was 'connect' needed at all? I found that nesting ssh as I described works fine (except that you need a wrapper script to manage the task of quoting your command properly). Does your version have lower latency or something? I guess my version puts some extra encryption burden on the firewall, and doesn't have end-end encryption, so if you don't trust the firewall operator... Anyway, I do this often enough that I think I'll find my shorter syntax quite useful. If necessary, the wrapper script can always be modified to chain things with ProxyCommand instead of through the ssh remote command arguments. Frederik _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org http://www.mindrot.org/mailman/listi...enssh-unix-dev 
|
Linear Mode
