pan user <p...@mll.nosnoop.com> wrote: > >On Mon, 2009-02-02 at 20:50 +0100, Beso wrote: >> 2009/2/2 pan user <p...@mll.nosnoop.com>: >> > On Mon, 2009-02-02 at 19:27 +0000, Duncan wrote: >> >> "m...@gmail.com" >> >> <mistericec...@gmail.com> posted >> >> 49872cfa.9030...@gmail.com, excerpted below, on Mon, 02 Feb 2009 18:27:22 >> >> +0100: >> >> >> >> > Well, if you are doing it this way, you never use SSL. To use ssl with >> >> > pan, you have to use stunnel. >> >> >> >> stunnel! /That's/ the app that I've seen people mentioning! Thanks. I >> >> had forgotten the name, thus deliberately avoided mentioning it in my >> >> initial explanation. >> >> >> > >> > There is also Putty, which makes SSH a bit easier. >> > >> for what i know putty is useful as a secure alternative to telnet and >> similar, because it provides direct ssh connection to >> an enabled ssh server. ssl instead is used for a transparent ssl >> encoding of services. it can be used also for other types of traffic, >> like emails or http browsing. it usually has default setting for a >> number of different services but for what i know >> nntp ssl needs to be configured. you set the secure socket redirection >> with stunnel on a loopback device port and use >> pan authentication over it. for pan the server would be the loopback >> device one, while stunnel will take care of tunneling >> the traffic to the end provider. > >I route all my connections through ssh tunnels, e-mail, http, nntp by >way of port forwarding. > >Either way, stunnel or ssh tunnel, will work, boils down to personal >likes.
No, SSL != SSH, the only thing they have in common is "encryption". You have no use for SSH when talking to a SSL-enabled server, and you have no use for stunnel when talking to a SSH server - which is what you need to do to establish a SSH tunnel. Of course it's theoretically possible for a News provider to provide both "direct" access via SSL to their NNTP server and a SSH server on the same host that can a) terminate a SSH tunnel and b) make a cleartext connection to that same NNTP server - but I bet it's "unusual". --Per Hedeland _______________________________________________ Pan-users mailing list Pan-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/pan-users
