Speaking of mail etc
John Abreau
jabr at abreau.net
Tue Jul 29 20:12:47 EDT 2003
On Sat, 2003-07-26 at 13:21, Konrad wrote:
> Why not use POP3/IMAP/sendmail with SSL instead of creating the SSH
> tunnel?
I have one port open into my home server: port 22, for ssh. It's
straightforward to use, and does the job well. The question isn't
"Why not use SSL"; rather, the question is "Why use SSL".
In order to use SSL, I have to open up another port, which would
make my system that much more complex to maintain. In addition,
by using SSL, anyone can access the port and try to login by guessing
a password, whereas with ssh, someone would have to first break
ssh to get in. In order to do that, they'd have to either get a copy
of my id_dsa private key and guess my passphrase, or find an exploit
for openssh and use it before I have a chance to upgrade openssh
on my server.
--
John Abreau / jabr at abreau.net / http://www.abreau.net
(PGP) D5C7B5D9 / (FP) 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
URL: <http://lists.blu.org/pipermail/discuss/attachments/20030729/2143559a/attachment.sig>
More information about the Discuss
mailing list