Using SSH

S Ramakrishnan rk_ at MAILCITY.COM
Mon Jan 31 22:21:21 EST 2000 

Hi -

Thanks for the useful information.
My questions about the protocols
used in SSH was with regards to:

 (a) what key exchange protocol is used
      by SSH?
 (b) what authentication protocol is used?
 (c) Are the encryption keys used by SSH
     derived off the authentication information
     provided by the client (such as the
     password or some such)?
 (d) Can the client authentication be
     bound to RADIUS?

Thanks !

 - r

On Mon, 31 Jan 2000 15:36:36   Cramer, Matthew wrote:
>For the NT server side, you can install a replacement POSIX subsystem and the
>GNU compiler.  My personal favourite is U/WIN from ATT Labs - there is info out
>there on getting GCC to work with U/WIN (see the U/WIN users list).  With that,
>one could compile SSH and then run it as a service.  I've heard of it done, but
>never done it.
>
>NT Client side - there is DataFellows F-Secure, SecureTTY (both commercial), and
>PuTTY (free, but does not do RSA auth).
>
>SSH supports more than the algorithms you list - also IDEA (default) and ARCFOUR
>(a implementation of RC4 (in theory) published to Usenet).  Those are of course
>just the symmetric cryptography; RSA is used for the asymmetric key exchange.
>OpenSSH from the OpenBSD folks probably uses Diffie-Hellman for key exchange
>(since RSA is patent restricted by US patent law until fall of 2000).
>
>Your statement about location does not make sense - SSH is available from all
>sorts of places, .fi and .nl, for example, which are not bound by US Export
>restrictions.  Don't download any crypto from us Americans - first of all our
>Government needs their head's examined, secondly stronger crypto is available
>everywhere else!
>
>
>
>
>From: Saravana Ram <Torx at TM.NET.MY> on 01/30/2000 03:36 AM
>
>Please respond to Saravana Ram <Torx at TM.NET.MY>
>
>To:   VPN at SECURITYFOCUS.COM
>cc:    (bcc: Matthew S Cramer/Lancaster/Corporate/Armstrong)
>Subject:  Re: Using SSH
>
>
>
>From: "S Ramakrishnan" <rk_ at MAILCITY.COM>
>
>
>> Can SSH be used on an NT box?
>> Are there sample blusprints to
>> get up and started on SSH based
>> access control schemes?
>
>Which will be the server side, a Linux box or an NT box? That is more
>important. The full SSH package is easily available on unix flavours, but I
>know not of any server-side implementations for NT. SSH clients, though, are
>available on both platforms. (How could you use it on the server side,
>anyway?)
>
>> What underlying security protocol is
>> SSH based on?
>
>If you are asking about cryptographic transfroms, the original SSH uses DES,
>3DES, and Blowfish. But if you're not in America, you're left with only DES.
>
>VPN is sponsored by SecurityFocus.COM
>
>VPN is sponsored by SecurityFocus.COM
>


MailCity. Secure Email Anywhere, Anytime!
http://www.mailcity.com

VPN is sponsored by SecurityFocus.COM

More information about the VPN mailing list