[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SSH tunnels
> this a reasonable way to go, or are there hidden problems in this
> approach as compared to SSL/TLS?
The program STunnel (SSL) is very easy to setup and administer.
It can also do client-side certificate validation quite easily. My
opinion is that it is easier to setup than ssh for VPN-like tunneling.
Because of that, I prefer STunnel. But since SSL is supported
natively in OpenLDAP there's no reason to tunnel at all. Just turn on
TLS.
As far as I know, Stunnel and ssh both work on Unixes and
MS-Windows.
--Derek
- References:
- SSH tunnels
- From: Richard Baldwin <baldwin@pgc.nrcan.gc.ca>