<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: Cipe through SSH
From: "Ed Padin" <ohdamnthathurts,AT,yahoo,DOT,com>
Date: Wed, 3 Jan 2001 16:06:36 +0100
In-reply-to: <018001c07291$e61c4290$1619a8c0@ERDELYM>

Olaf wrote a nice document on the timing problems encountered when tunneling
TCP over TCP. What you suggest falls under that category. It also intruduces
2 encrypted layers. It seems to me that, if you have no other choice but to
network this way, using PPP instead of Cipe may be a better option.

Another possibility is to use a socks5 solution. Socks 5 makes a connection
from client to server using TCP and (usually) port 1080. You can use ssh to
forward port 1080 to a socks server on the remote side. If you're client is
a windows box, I suggest you use the hummingbird socks5 client. I've never
set up a linux socks client but I think there's a program called 'socksify'
that makes regular net apps use the socks server. Of course, this solution
only works if we're talking client-to-site, not site-to-site.

Socks5 gets around the TCP over TCP problem because it acts as a proxy. When
you connect to something via a socks 5 server, the remote end sees it as the
socks server being the source of the packets (like NAT). I don't think it's
forwarding packets in the same way Cipe does.

----- Original Message -----
From: "Erdely, Michael" <mike-lists,AT,erdelynet,DOT,com>
To: <cipe-l,AT,inka,DOT,de>
Sent: Saturday, December 30, 2000 1:54 PM
Subject: Cipe through SSH

> This is probably a silly request, but is it possible to create a Cipe
> connection through an SSH tunnel?
> Below is a terrible "drawing":
> Remote PC ----->Internet---->Firewall---->SSH Server---->Cipe Server
> So, the "Remote PC" is running Windows 2000 Pro.  It creates an SSH
> connection to the "SSH Server" which is allowed through a port redirection
> in the "Firewall".  Is it possible, then, for the "Remote PC", using port
> forwarding in SSH, to create a Cipe connection with the "Cipe Server",
> running Windows 2000 Pro?
> Thank you,
> Mike Erdely
> mailto:mike,AT,erdelynet,DOT,com
> http://mike.erdelynet.com/
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive:

<< | Thread Index | >> ]    [ << | Date Index | >> ]