|
||||||||||
Secure Shell PluginThis implementation of SSH provides IDEA, Blowfish and RSA/PKCS#1 encryption and was originally written in 1998 by Cedric Gourio. He used a part of the old Java Telnet Applet to write his Java SSH client and so the code was similar to our old applet. There are other implementations of ssh for Java available, but those packages implement the whole ssh protocol and all features which makes the packages very big. We tried to keep our implementation to a minimum for easier download. You can configure the plugin using the following properties:
Security Note: The applet is suspectible to the man-in-the-middle attacks published by Security Portal. We cannot avoid this. We can't even use the RSA based host authorization, since the applet itself is downloaded from the remote host, may not keep local state and might be modified by the man-in-the-middle. The only way to guard against applet modification would be having it signed with a trust certificate. This is too expensive both money- and timewise for us. So there is encryption, but it only guards against normal packetsniffing attacks.
|
Additional
Programmer Documentation is available:
|
|
||||