[2220] in linux-security and linux-alert archive
[linux-security] Re: POP secure access??
daemon@ATHENA.MIT.EDU (Crispin Cowan)
Mon Sep 20 18:25:53 1999
Message-ID: <37E65E7F.634F126@cse.ogi.edu>
Date: Mon, 20 Sep 1999 16:19:11 +0000
From: Crispin Cowan <crispin@cse.ogi.edu>
MIME-Version: 1.0
To: Rogier Wolff <R.E.Wolff@BitWizard.nl>
CC: linux-security@redhat.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
Rogier Wolff wrote:
> One "digest" answer on the list.
The digest doesn't really discuss the option of tunnelling POP through
SSH, which is what our University department does. I have a Linux
client, so I just forward some local ports to remote ports with this
command:
ssh -C -l crispin -f \
-L 6666:mailhost.your.place.foo:110 \
-L 6667:mailhost.your.place.foo:25 \
mailhost.your.place.foo xbiff
For windows clients, we have people using the commercial Data Fellows
SSH client for Windows, which also can forward ports. The windows
users whine that it can't automatically open the port forwarding when
the click their mail client, but that's the only complaint.
The advantage over the SSL solution is that the SSH daemon is
relatively easy to set up. However, if your site already has SSL
support, then this issue is moot.
Crispin
-----
Crispin Cowan, Research Assistant Professor of Computer Science, OGI
NEW: Protect Your Linux Host with StackGuard'd Programs :FREE
http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
