[MacTUG] afp over ssh on the client?
Steve Hellyer
phasetwo at apple.com
Tue Apr 29 15:38:20 EDT 2008
http://discussions.apple.com/thread.jspa?messageID=6742739
> Does that mean that clients can now connect securely?
I suppose depends on your definition of securely. We no longer use
cleartext password on AFP as an option (Yeah!).
Kerberoes mechanism is preferred for security but this requires a
server & DNS and getting ticket from server.
Really wanted to move away from SSH as it slows performance especially
on slow links (IE over internet) plus other reasons. VPN is much
faster technology and then all traffic is secured over that virtual
pipe not just AFP.
Client to Client is password encryption. Don't see SSH being a viable
option in this situation as we need to open terminal access.
We are open to suggestions. One that works via NAT gateways, doesn't
require terminal access, static IPs, etc...
More info...
http://developer.apple.com/documentation/Networking/Conceptual/AFP/Concepts/chapter_2_section_5.html
http://en.wikipedia.org/wiki/Apple_Filing_Protocol for a good overview.
Hope this helps!
Steve
On 29-Apr-08, at 11:33 AM, Marlon A. Griffith wrote:
> Hi Steve,
>
> When connecting with afp using "Connect to Server...":
> - in Tiger:
> - client to server, a secure connection was possible
> - client to client, a secure connection was not possible
> - in Leopard:
> - client to client, I noticed there was no gui option to use ssh
> - Does that mean that clients can now connect securely?
>
>
> Thanks in advance,
> --
> Make it a great day!
> Marlon A. Griffith
> Engineering Computing
> University of Waterloo
> 519-885-1211 x38146
> m3griffi at engmail.uwaterloo.ca
>
> ===================================================
> The information in this message, including any attachments, is
> privileged and may contain confidential information intended only
> for the person(s) named above. Any other distribution, copying or
> disclosure is strictly prohibited. If you are not the intended
> recipient or have received this message in error, please notify us
> immediately by reply email and permanently delete the original
> transmission from us, including any attachments, without making a
> copy. Thank you
> _______________________________________________
> MacTUG mailing list
> MacTUG at lists.uwaterloo.ca
> https://lists.uwaterloo.ca/mailman/listinfo/mactug
More information about the MacTUG
mailing list