[pve-devel] High Performance SSH

dea dea at corep.it
Thu May 28 12:55:31 CEST 2015


> I don't think it is wise to play with security-related software in 
> the stack. If OpenBSD and Debian (or for the matter all the other 
> distros) haven't applied those patches, I'm sure there is some 
> reason, although maybe it being only "uncertainty".

Yes, is true.

But I think that from an uncrypted connection (from cluster nodes) and a maybe
insecure ssh patched connection there is a lot of difference.

We can use a patched ssh connection on special port only to connect nodes
(live migration, etc), than use a standard Debian ssh daemon on standard port
to admin the cluster.


More information about the pve-devel mailing list