SSL wrapping or SSH tunnelling? Which is more secure?
mark at blackmans.org
Tue Aug 20 11:27:11 BST 2002
this can be pretty straightforward with an entry in /etc/ttys (BSD)
or /etc/inittab (SYSV).
i.e. for FreeBSD (/etc/ttys) lines of the form...
daemon1 "/bin/sh -c 'sleep 10; sleep 15;'" unknown on
daemon2 "/bin/sh -c 'sleep 20; sleep 25;'" unknown on
the first column needs to be unique but arbitrary in the file and the
/bin/sh indirection is required to use multiple programs in
> Making the tunnel stay up is actually quite tricky unless one resorts
> to something like daemontools to recognise that the tunnel has gone
> down and restart it when necessary. It gets even more convoluted when
> one uses a chain of SSH port forwarders for traversing a firewall sandwich.
> One possible solution to the problem I've been mulling over is writing
> an SSH subsystem for doing general IP tunneling over SSH.
> On Tue, Aug 20, 2002 at 10:55:08AM +0100, Pete French wrote:
> > Ou of interest, how do you do the ssh forwarding ? I've not yet found the
> > magic combination of arguments to let me set up a permentnet tunnel without
> > something running on the far end. At the moment thats a shell script which
> > sleeps 10 minutes and then dies. Any alternative suggestions ?
> ------ FreeBSD UK Users' Group - Mailing List ------
More information about the Ukfreebsd