nanog mailing list archives
RE: quietly....
From: Matthew Huff <mhuff () ox com>
Date: Thu, 3 Feb 2011 15:46:11 -0500
Well, since ssh is a straight up tcp socket protocol on a well know port with no gimmicks needed like FTP, yeah, I would say it isn't a hack. FTP over TLS/SSL is much worse. In some implementations you can do an non-encrypted control channel and an encrypted data channel, so that a SPI firewall can "hack" it through, but unfortunately a lot of servers and/or clients won't negotiate that correctly and only allow both type of channels to be encrypted which is not possible to pass through a SPI firewall. There are two other sorta widely implemented secure file transfer protocols, SCP and WebDav over TLS/SSL. Either works fine through a SPI firewall, but the consensus for file transfer (at least over the pub net) within the financial services community appears to be converging to FTP over ssh.
-----Original Message----- From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] Sent: Thursday, February 03, 2011 3:36 PM To: Matthew Huff Cc: Owen DeLong; nanog () nanog org Subject: Re: quietly.... On Thu, 03 Feb 2011 14:39:15 EST, Matthew Huff said:Something like ftp over SSH works well without fixup or NAT issues and is becoming more standard at least in the financial services community.And having to do it over SSH *isn't* a fixup/hackaround?
Current thread:
- Re: quietly...., (continued)
- Re: quietly.... Jack Bates (Feb 03)
- Re: quietly.... Lamar Owen (Feb 03)
- Re: quietly.... Jack Bates (Feb 03)
- Re: quietly.... Lamar Owen (Feb 03)
- Re: quietly.... Simon Perreault (Feb 03)
- Re: quietly.... Matthew Palmer (Feb 03)
- RE: quietly.... Matthew Huff (Feb 03)
- Re: quietly.... Valdis . Kletnieks (Feb 03)
- RE: quietly.... Matthew Huff (Feb 03)
- Re: quietly.... Valdis . Kletnieks (Feb 03)
- RE: quietly.... Matthew Huff (Feb 03)
- Re: quietly.... Randy Carpenter (Feb 03)
- RE: quietly.... Matthew Huff (Feb 03)
- Re: quietly.... Lamar Owen (Feb 03)
- Re: quietly.... Matthew Palmer (Feb 03)
- RE: quietly.... Matthew Huff (Feb 03)
- Re: quietly.... Valdis . Kletnieks (Feb 03)
- Re: quietly.... Jay Ashworth (Feb 03)
- Re: quietly.... Valdis . Kletnieks (Feb 03)
- Re: quietly.... Jay Ashworth (Feb 03)
- Re: quietly.... Lamar Owen (Feb 03)