From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jim Choate To: <9fans@cse.psu.edu> Cc: In-Reply-To: <002e01c36b05$68bc5f50$c901a8c0@cc77109e> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: [9fans] Re: NAT'ing a drawterm connection Date: Mon, 25 Aug 2003 08:11:59 -0500 Topicbox-Message-UUID: 2126767c-eacc-11e9-9e20-41e7f4b1d025 On Mon, 25 Aug 2003, Bruce Ellis wrote: > maybe you guys drawterming over open networks should consider > the security of running a cleartext 9p connection over such a connection. > that's what you are doing. a simple sniff can copy your key strokes ... > the auth is secure but the connection is cleartext. type away. Yes, that is absolutely true. And we are well aware of it (sniffers are a regular tool for us, snoopy needs work!) However, before we can stick a tunnel around it we need to understand what and how things are working. I'd say a bug needs to be entered against Drawterm for not using the inherent crypto of Plan 9. How long has this app been around, how many people will use it? Poor decision not to include this when it was first crafted. It's definitely on our 'To Do' list. Our long term plan is to have an encrypted tunnel between each node, with each 'hub' node having a unique key pair between it and each member node. -- -- ravage@ssz.com jchoate@open-forge.com www.ssz.com www.open-forge.com