topic Re: SSL in Operating System - HP-UX

SSL

Sathish C — Thu, 26 Feb 2004 00:53:03 GMT

Hi
If we decided to take away ftp,rlogin,remsh,finger and try to work with SSH,SCP will the codes that were written with open socket function get affected , or I can just concentrate on finding out codes that are using remsh,rcp and ftp .

Thanx

Re: SSL

Ravi_8 — Thu, 26 Feb 2004 01:07:08 GMT

Hi,

Yes it will get affected, you have to look for code using remsh,rcp anf ftp

Re: SSL

Steven E. Protter — Thu, 26 Feb 2004 01:11:57 GMT

anything that uses remesh can be done with ssh
anything that can be done with rcp can be done with scp
anything you do with ftp can be done, even scripted with sftp.

Good choice.

SEP

Re: SSL

Steven E. Protter — Thu, 26 Feb 2004 01:15:00 GMT

If you use named based virtual hosting its not possible to run ssl on the server.

I think you can get away with it if you use ip based virtual hosting or dedicate an ip address to the ssl connection.

I'm working on that and will report back.

SEP

Re: SSL

Sathish C — Thu, 26 Feb 2004 01:17:36 GMT

How do we do about socket() functions that were written via c or c++ code ? What I mean is If search my Configuration Control System with codes that contains remsh,ftp,rcp this will not suffice this SSL implementation , Am I right ?

Re: SSL

Steven E. Protter — Thu, 26 Feb 2004 01:24:06 GMT

You will need to change and recompile that code.

SEP

Re: SSL

rick jones — Fri, 27 Feb 2004 14:01:03 GMT

If you want all communications from your system encrypted, you might consider using IPSEC, which can be configured at the IP level and thus can cover everything at once.

Note that this is _not_ the same as excrypting at the socket layer a la SSL.

As pointed-out, if you also want arbitrary socket applications to use SSL you will need to take steps to compile them to use it.