On Dec 31, 2005, at 2:58 AM, Chris Stephens wrote:
> Hi folks,
> I have recently installed a dual XServe G5 at a datacentre and they
> won't let me (yet!) open up ports 311 and 1220 - for QTSS publisher
> and the web interface to QTSS respectively.
> While I was there the guys (mostly Linux guys, fwiw) rang up a
> "friend" who warned them empahtically not to tunnel these two
> through SSH - but without giving any reason.
> Is this mystery person right? Is there a security risk of doing
> that? Has anyone done this? If so, what is the best way - using SSH
> Tunnel Manager?
> Thanks for your help with this...
It's possible that your "mystery friend" was concerned about exposing
ssh directly to the public internet. IPSec is a safer choice,
although it places an additional computational burden on both the
broadcaster and server.
blackfrog software, inc.