RARE user and assistance email list

[Xavier Jeannin <>]

Hello Csaba,

Thank you for your answer.
You are right it is not necessary to enter into a never-ending 
discussion with my security team.

I just try to answer theM. The first point is that the access to the 
machine is made thanks 'classical' SSH linux connection.
The second point I would have liked to answer is that as simple L2 
switch there is no involvement of SSL Freertr code? so no pb :-)

Thank you for your help
Regards
Xavier

Le 04/07/2022 à 08:55, mc36 a écrit :
> hi,
>
> everything when you configure them in freerouter: as 
> openssl/openssh/strongswan dont have the concept about vrfs defined in 
> freerouter,
> even less the tcp/ip stack above these, and even more less about the 
> proxy profiles defined over these to perform the actual streams...
>
> btw it'll be a neverending debate between you and your security team 
> so i would not suggest to do so:
>
> on one side of the coin there is the mainstream (eg linux), and the 
> reasoning is that more eyes catch more issues...
> on the other size there is the non-mainstream (eg freebsd), and the 
> reasoning is that they do kiss code...
>
> and the outcome depends mostly on the believes and not the quality of 
> the work in question...
>
> br,
> cs
>
> On 7/4/22 08:48, Xavier Jeannin wrote:
> > Hello Csaba,
> >
> > Thank you for your help explaining me that the the SSH connection to 
> > the switch uses the standard Linux OpenSSL version.
> > Can you tell me the protocols that use the SSL version developed in 
> > Freertrt, please?
> >
> > Wirerguard?
> > IPSec?
> > BGP for authentication (RPKI)?
> > ....
> >
> > Thank you
> > Regards
> > Xavier
--
Xavier JEANNIN
Network Dpt.
GN4-3 Network technology evolution (WP6 T1) task leader
Tél. : +33 1 5394 2042
Mob. : +33 6 3017 0963
www.renater.fr