[pve-devel] High Performance SSH
dea at corep.it
Thu May 28 12:55:31 CEST 2015
> I don't think it is wise to play with security-related software in
> the stack. If OpenBSD and Debian (or for the matter all the other
> distros) haven't applied those patches, I'm sure there is some
> reason, although maybe it being only "uncertainty".
Yes, is true.
But I think that from an uncrypted connection (from cluster nodes) and a maybe
insecure ssh patched connection there is a lot of difference.
We can use a patched ssh connection on special port only to connect nodes
(live migration, etc), than use a standard Debian ssh daemon on standard port
to admin the cluster.
More information about the pve-devel