] ....... Also, ipsec provides for IP authentication, which is quite
] handy for preventing things like my laptop pretending to have a trusted
] machine's IP address and NFS mounting all sorts of things. Ssh can't even
] try to prevent that.
Ssh provides host authentication.
] ... With a secure IP layer, you greatly shore up the
] security of logins, ftp, talk, NFS, whatever. While with ssh, you get a nicely
] secure login, X, a secure authentication for ftp (but no encryption on
] transferred files I believe), and nothing for talk, nfs, dns, etc.
You can encrypt things with file transfer using the -c switch of scp.
Yes, ssh is a bit limited. I think SSL (secure socket layer) is the
better solution. I have been arguing with myself whether to use SSL or
SSH, and because of the ease of non-root installation/use, I chose
SSH. Think I should switch to SSL...
Delman