09-02-2008
Yes, the SSH protocol uses encryption to protect the session from eavesdropping etc.
10 More Discussions You Might Find Interesting
1. Cybersecurity
Eh... yeah. What the title says. :D (1 Reply)
Discussion started by: PSC
1 Replies
2. Shell Programming and Scripting
Hello All,
I was wondering if the titlebar in "F-Secure SSH Client for Windows" is changeable. Currently I see the host name in the title bar. I would like to add "user@host" to the title. So when I log on to a particular box and do a ssh to another box the title should dynamically... (3 Replies)
Discussion started by: ssikhar
3 Replies
3. Solaris
I am using shell script to do secure ftp. I have done key file setup to do password less authentication. Following are the FTP Details:
FTP Client has Sun SSH.
FTP Server has F-Secure.
I am using SCP Command to do secure copy files. When I am doing this, I am getting the foll error
scp:... (2 Replies)
Discussion started by: ftpguy
2 Replies
4. UNIX for Dummies Questions & Answers
Hi I am working in Solaris 10 and I want to monitor logs for every telnet/ssh session that tries to connect to the server. I need these logs to be generated in a file that I can fetch using ftp.
I am a new user and a stepwise detail will be great
BR
saGGee (3 Replies)
Discussion started by: saggee
3 Replies
5. Shell Programming and Scripting
I have
tools -> options -> terminal -> buffer -> 999999
but when I scroll up, I often lose what I scroll up to. This always happens when I am connected to oracle in sqlplus. This has never happened to me with poderosa in Sun Solaris or Linux and I have never had to set any variables or... (1 Reply)
Discussion started by: guessingo
1 Replies
6. What is on Your Mind?
I am curious about the most popular ssh client on Windows environment. Talking about me, I use PuTTY most of the time coupled with WinSCP to transfer files. But, I like Tera Term too. It has great drag-drop feature where you can drag a file/folder and drop on the window and it will transfer the... (14 Replies)
Discussion started by: admin_xor
14 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I want to know the difference between these two services. Both are under xinetd. Both are used for enabling and disabling Telnet service. So, can somebody please explain me the difference between the two ?
Thanks in advance :) (0 Replies)
Discussion started by: kashifsd17
0 Replies
8. HP-UX
I can connect to the UNIX box using a TCP/IP Telnet session but the UNIX does not respond with the login prompt.
The box responds to a PING and the Telnet session actually connects, but no prompt of any sort is recieved back.
I can connect via the console, get the login prompt and can login. ... (3 Replies)
Discussion started by: Newnix
3 Replies
9. UNIX for Advanced & Expert Users
Hi,
I am facing problems whie trying to do a passwordless ssh to Unix box from windows. Public key was generated using F-secure. When the F-secure client attempts it connects without password but when I try to use sftp2 in command line it prompts for password.
I have tried several options and... (0 Replies)
Discussion started by: dhrajj
0 Replies
10. Linux
Hi,
I am facing problems whie trying to do a passwordless ssh to Unix box from windows. Public key was generated using F-secure. When the F-secure client attempts it connects without password but when I try to use sftp2 in command line it prompts for password.
I have tried several options and... (3 Replies)
Discussion started by: dhrajj
3 Replies
LEARN ABOUT XFREE86
ipsecesp
ipsecesp(7P) Protocols ipsecesp(7P)
NAME
ipsecesp, ESP - IPsec Encapsulating Security Payload
SYNOPSIS
drv/ipsecesp
DESCRIPTION
The ipsecesp module provides confidentiality, integrity, authentication, and partial sequence integrity (replay protection) to IP data-
grams. The encapsulating security payload (ESP) encapsulates its data, enabling it to protect data that follows in the datagram. For TCP
packets, ESP encapsulates the TCP header and its data only. If the packet is an IP in IP datagram, ESP protects the inner IP datagram.
Per-socket policy allows "self-encapsulation" so ESP can encapsulate IP options when necessary. See ipsec(7P).
Unlike the authentication header (AH), ESP allows multiple varieties of datagram protection. (Using a single datagram protection form can
expose vulnerabilities.) For example, only ESP can be used to provide confidentiality. But protecting confidentiality alone exposes vulner-
abilities in both replay attacks and cut-and-paste attacks. Similarly, if ESP protects only integrity and does not fully protect against
eavesdropping, it may provide weaker protection than AH. See ipsecah(7P).
ESP Device
ESP is implemented as a module that is auto-pushed on top of IP. Use the /dev/ipsecesp entry to tune ESP with ndd(1M).
Algorithms
ESPuses encryption and authentication algorithms. Authentication algorithms include HMAC-MD5 and HMAC-SHA-1. Encryption algorithms include
DES, Triple-DES, Blowfish and AES. Each authentication and encryption algorithm contain key size and key format properties. You can obtain
a list of authentication and encryption algorithms and their properties by using the ipsecalgs(1M) command. You can also use the functions
described in the getipsecalgbyname(3NSL) man page to retrieve the properties of algorithms. Because of export laws in the United States,
not all encryption algorithms are available outside of the United States.
Security Considerations
ESP without authentication exposes vulnerabilities to cut-and-paste cryptographic attacks as well as eavesdropping attacks. Like AH, ESP is
vulnerable to eavesdropping when used without confidentiality.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsr (32-bit) |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO
ipsecalgs(1M), ipsecconf(1M), ndd(1M), attributes(5), getipsecalgbyname(3NSL), ip(7P), ipsec(7P), ipsecah(7P)
Kent, S. and Atkinson, R.RFC 2406, IP Encapsulating Security Payload (ESP), The Internet Society, 1998.
SunOS 5.10 18 May 2003 ipsecesp(7P)