http://www.securityfocus.com/columnists/375
very neat. Layer two VPN!!
Native interface!!
my.. god... how... cool....
/me drools..
and they fixed their rc4 (arcfour) implementation not too long ago too. Those openssh guys rock.
"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍
Offline
very neat. Layer two VPN!!
Native interface!!.
Wasn't that available in OpenVPN for a while now? You know, like binding a tun interface with a real physical interface for transparent bridging? I've read about it somewhere regarding setting up a wireless AP using WLAN and OpenVPN.
But I agree, these guys rock. I'm amazed to such an extent that I'm planning on migrating my home router/firewall/server to OpenBSD.
Nice interview BTW.
Offline
Pretty sure it was only layer 3 before. Not positive though, as this is the first I have heard about this..
It appears that clients could <in theory> ARP across a tunnel now. Being layer 2...
Offline
Pretty sure it was only layer 3 before.
Well, I haven't tested it, but OpenVPN's site clearly states:
OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN is not a web application proxy and does not operate through a web browser.
and OpenVPN: Ethernet Bridging
Ethernet bridging essentially involves combining an ethernet interface with one or more virtual TAP interfaces and bridging them together under the umbrella of a single bridge interface. Ethernet bridges represent the software analog to a physical ethernet switch. The ethernet bridge can be thought of as a kind of software switch which can be used to connect multiple ethernet interfaces (either physical or virtual) on a single machine while sharing a single IP subnet.
But back to OpenSSH. I wonder what's the difference in using SSH tunnels as opposed to SSL ones. Both ways of encrypting data are more or less (?) equally strong when it comes to security. Or am I missing something?