Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Perl > Perl Misc > Encrypted connection

Reply
Thread Tools

Encrypted connection

 
 
Jens Thoms Toerring
Guest
Posts: n/a
 
      05-17-2012
Hi,

I'm in the planning stage of writing a server-client
application for which I need good enryption of all data
exchanged between the server and client. While the client-
server part as such does't pose a major problem I don't
have much experience with encrypting a connection. I have
done quite a bit of reading and checking what's available
on CPAN, but I haven't yet a good idea about the best way
to do it. Some packages seem to only cover the client side,
others have rather mixed reviews etc. I guess several peo-
ple here have been doing this kind of stuff for years and
years and I would be really grateful for all pointers and
recommendations.
Thanks and best regards, Jens
--
\ Jens Thoms Toerring ___ http://www.velocityreviews.com/forums/(E-Mail Removed)
\__________________________ http://toerring.de
 
Reply With Quote
 
 
 
 
Tim Watts
Guest
Posts: n/a
 
      05-18-2012
Ben Morrow wrote:

>
> Quoth Eli the Bearded <*@eli.users.panix.com>:
>> In comp.lang.perl.misc, Jens Thoms Toerring <(E-Mail Removed)> wrote:
>> > I'm in the planning stage of writing a server-client
>> > application for which I need good enryption of all data
>> > exchanged between the server and client. While the client-
>> > server part as such does't pose a major problem I don't
>> > have much experience with encrypting a connection.

>>
>> Net::SSLeay

>
> That's a good answer, but it's probably easier to use IO::Socket::SSL,
> which is a layer over New::SSLeay that looks (almost) just like
> IO::Socket::INET. Remember to be careful about verifying the server
> certificate, and the client cert if you use one. You don't necessarily
> need certs from a public CA: using a private self-signed CA is fine, but
> you do need to check the certificate has been properly signed by the
> right CA.
>
> Sensible alternatives include ssh, Kerberos, and using HTTPS with a web
> server to handle the server-side encryption.
>
> Ben


And to the OP - don't discount the possibility of hooking IO through an
external tool, eg:

stunnel or socat or a real ssh client. A variation on this trick is to rig
stunnel/socat (and inetd) to deal with the SSL connection and present an
unencrypted net socket (or unix domain socket) on the loopback address to
which the local client or server will connect.

It's not as neat as having the client/server program deal with it - OTOH it
may be simpler and often, simpler lessens problems that lead to security
issues.

Cheers,

Tim
--
Tim Watts
 
Reply With Quote
 
 
 
 
Jens Thoms Toerring
Guest
Posts: n/a
 
      05-20-2012
Hi,

thank you very much to all of you - I guess I have now
a better idea were to look first and how to get started!

Best regards, Jens
--
\ Jens Thoms Toerring ___ (E-Mail Removed)
\__________________________ http://toerring.de
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
QoS on encrypted connection over DSL stefan.gasteiger@gendorf.de Cisco 3 02-20-2007 08:52 PM
Encrypted Connection String and Security....Quick Question Ranginald ASP .Net 2 02-06-2007 12:19 AM
Lose encrypted connection after re-boot Joe K Wireless Networking 0 12-27-2004 03:53 AM
Loose encrypted connection after re-boot joekohn@att.net Wireless Networking 0 12-26-2004 03:51 AM
Using encrypted dB connection string Alek Davis ASP .Net 12 06-03-2004 06:20 PM



Advertisments