On Tue, Feb 13, 2001 at 07:24:26AM -0500, Tim Sailer wrote:
On Tue, Feb 13, 2001 at 11:25:58AM +0100, Balazs Scheidler wrote:
Free version: ------------- HTTP/1.1 (keep-alive and chunked encoding fully supported) FTP finger SSL plug
Commercial version: ------------------- Enhanced SSL POP3
What abount telnet? Any plans for trying to do ssh?
telnet is under consideration. It was not a primary objective, since there's not too much you can do with the telnet protocol (except for option negotiation and environment variable filtering), a simple plug would suffice. Telnet is inherently insecure, it shouldn't be used in security conscious environments, a proxy wouldn't change this. SSH is also planned. Personally I have already implemented a working SSH2 proxy (in the LSH project), but Zorp will probably use an independent implementation.
ALso, what about authentication? We use T.Rex right now since it uses Radius as one of it's authentication methods, and that gives us One Time Passwords with our Radius/CryptoCard server.
We have our own authentication system, currently supporting S/Key and CryptoCard (ANSI X9.9). We partly removed it from 0.7.x, because we are redesigning some parts.
We're also looking for Telnet and FTP proxies that are Kerberos5 aware. I'm pretty sure we'll have to roll our own on that one.
What do you mean on that? Authenticate your users for going through the firewall? -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1