[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] ssh access

To: 'Lance Spitzner' <lance@ksni.net>, Ivan Fox <ifox100@hotmail.com>
Subject: RE: [FW1] ssh access
From: "Paquette, Trevor" <TrevorPaquette@metronet.ca>
Date: Tue, 9 Nov 1999 10:15:28 -0700
Cc: fw-1-mailinglist@lists.us.checkpoint.com


Actually SSH version 1.X is not free for commercial use either.

I talked DIRECTLY to DataFellows regarding SSH 1.0
about this. If SSH 1.0 is used in any manner, shape or form in a
commercial environment, then it must be licensed. (whether it
directly or indirectly generates revenue.)

According to DataFellows, the license was written by Finnish
lawyers, in their language and was translated into English. The
translation lost some of it's original meaning. Because of this,
they have been reluctant to enforce the license.

SSH2 is technically superior to SSH1, and is the future of SSH.
It is faster and even has sftp. I for one, have told our senior
folks that with SSH2 I can lock down the servers even more. And
at a dollar cost of (approx) $500, less then 2 dollars per day
in a year, I (and they) can sleep better.

> -----Original Message-----
> From:	Lance Spitzner [SMTP:lance@ksni.net]
> Sent:	Sunday, November 07, 1999 8:42 PM
> To:	Ivan Fox
> Cc:	fw-1-mailinglist@lists.us.checkpoint.com
> Subject:	Re: [FW1] ssh access
> 
> 
> On Sun, 7 Nov 1999, Ivan Fox wrote:
> 
> > We are thinking to use SSH, but have no experience with it or Unix at
> all.
> 
> Alot of people have been asking me about ssh and how to use it in
> a firewalled environment.  I may have a topic for my next whitepaper :)
> To be dead honest, I'm still learning about ssh every day, it has
> many powerful options.
> 
> > Am I correct to say that there is no SSH for Microsoft NT?
> 
> I believe there are several options for sever based ssh on NT,
> however I have never used any.  I know for a fact there are many
> client based ssh options for Windows and NT, I'm personally a big
> fan of SecureCRT from http://www.vandyke.com
> 
> > However, I can setup a UNIX server so that users can "ssh" to it and
> then to
> > NT and/or other UNIX servers?
> 
> That is definitely an option, you would be building a ssh proxy.
> This adds an addtional layer of security as you have central point
> of inboud traffic, and can log who is accessing what.
> 
> > What if the NT servers are in DMZ, would users use the SSH server as a
> > spring board to other servers?
> 
> Once again, that is an option with your ssh proxy server.  It really 
> depends on your network, what traffic is going where, and your security
> policy.
> 
> > With implementation of SSH, I can limit users just using FTP, but not
> > TELNET, through OS?!
> 
> I'm a little confused by this question.  ssh can be used as an encrypted
> replacement for telnet.  It also has scp, which is an encrypted method
> of copying files.
> 
> For more info on ssh, download the source and check out the docs.  You
> can find ssh at http://metalab.unc.edu/pub/packages/security/ssh/
> 
> I recommend version 1.2.27.  Version 2.x and above has licensing issues
> (ie, not free).
> 
> Lance
> 
> 
> 
> ==========================================================================
> ======
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: Re: [FW1] SMTP Telnet
Next by Date: [FW1] Question about Log
Prev by thread: Re: [FW1] ssh access
Next by thread: Re: [FW1] ssh access
Index(es):
- Date
- Thread