Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Speaking of mail etc



On Sat, 2003-07-26 at 13:21, Konrad wrote:

> Why not use POP3/IMAP/sendmail with SSL instead of creating the SSH
> tunnel?

I have one port open into my home server: port 22, for ssh. It's 
straightforward to use, and does the job well. The question isn't 
"Why not use SSL"; rather, the question is "Why use SSL". 

In order to use SSL, I have to open up another port, which would 
make my system that much more complex to maintain. In addition, 
by using SSL, anyone can access the port and try to login by guessing 
a password, whereas with ssh, someone would have to first break 
ssh to get in. In order to do that, they'd have to either get a copy 
of my id_dsa private key and guess my passphrase, or find an exploit 
for openssh and use it before I have a chance to upgrade openssh 
on my server. 

-- 
John Abreau / jabr at abreau.net / http://www.abreau.net 
(PGP) D5C7B5D9 / (FP) 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
URL: <http://lists.blu.org/pipermail/discuss/attachments/20030729/2143559a/attachment.sig>



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org