Great Circle Associates Firewalls
(June 1996)
 


Subject: Re: Secure Telnet to External Sites.
From: David Vincenzetti <vince @ cryptonet . it>
Date: Wed, 12 Jun 1996 11:04:06 +0200 (METDST)
To: Doug . Hughes @ Eng . Auburn . EDU
Cc: firewalls @ greatcircle . com

> We have both installed since they have different capabilities.
> Stel is much faster starting up from inetd (ssh is as fast when started as
> standalone daemon, but we use tcp_wrappers on our servers so inetd is
> preferable in this case - on the gateway machine it runs as a daemon)
> ssh has a PC/Windows client, stel does not.  ssh has X11 forwarding through
> the encrypted channel. Stel has good S/Key and Securid support. ssh
> has some support for SecurID, but not as well integrated as Stel.
>
> Neither will do FTP, as was your original need, but ssh will do an rcp like
> thing which may be just as good as FTP in your circumstances. Also you may
> want to look at the tcpwrappers+logdaemon. There is a replacement ftpd in
> this package that supports S/Key for one time passwords.
> ssh would probably allow you to forward a 3270 connection through an arbitrary
> socket, but I have not tested this.

Actually, STEL supports experimental file transfer, by means of the -a
option.  When the -a option is turned on you get two things:  protection
from active attacks and FTP-like PUT & GET commands.  Yes, the -a option
makes the connection slower, especially for highly interactive
sessions (i.e., when editing a file), but you can not get everything:-)

From stel's manual:
           -a   Protect from active attacks.  This is one of the most
                advanced features of stel.  When using this option, the data
                stream which is transmitted from client to server and vice
                versa is ``packetized'' and sanity checks are performed on
                each data packet.  Sanity checks include CRC32 encrypted
                MACs, to foil garbage injection, and encrypted sequence
                numbers, to foil replay attacks.  When using this option,
                file transfer facilities are also available.
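
The manual excerpt above describes per-packet integrity checks plus sequence numbers. The following is an added example, not part of the original message and not stel's code or wire format: it assumes an 8-byte sequence number and swaps in HMAC-SHA256 for stel's CRC32 encrypted MAC, omits stream encryption, and uses hypothetical names (seal, Receiver) to show a receiver rejecting injected and replayed packets.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size (assumption; stel uses a CRC32-based MAC)

def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Frame one packet: 8-byte sequence number, payload, MAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Accepts a packet only if its MAC verifies and it is next in sequence."""

    def __init__(self, key: bytes):
        self.key = key
        self.expected_seq = 0

    def open(self, packet: bytes) -> bytes:
        if len(packet) < 8 + TAG_LEN:
            raise ValueError("truncated packet")
        header, payload, tag = packet[:8], packet[8:-TAG_LEN], packet[-TAG_LEN:]
        good = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison; check the MAC before trusting the header.
        if not hmac.compare_digest(tag, good):
            raise ValueError("bad MAC (injected or modified data)")
        (seq,) = struct.unpack(">Q", header)
        if seq != self.expected_seq:
            raise ValueError("unexpected sequence number (replay or reorder)")
        self.expected_seq += 1
        return payload

def demo() -> list:
    key = b"constructed-demo-key"  # constructed sample key
    rx = Receiver(key)
    p0 = seal(key, 0, b"ls -l\n")
    p1 = seal(key, 1, b"exit\n")
    tampered = p1[:9] + b"X" + p1[10:]  # one payload byte changed in transit
    results = []
    for label, pkt in [("p0", p0), ("replay of p0", p0),
                       ("tampered p1", tampered), ("p1", p1)]:
        try:
            results.append((label, rx.open(pkt)))
        except ValueError as err:
            results.append((label, str(err)))
    return results

if __name__ == "__main__":
    for entry in demo():
        print(entry)
```

A rejected packet does not advance the expected sequence number, so the genuine p1 is still accepted after the replayed and tampered packets are dropped.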
