If I have a connection between a client and a server using ssh, what is a good way to encrypt data sent outside the ssh connection for sending large amounts of data quickly and securely? I can use the ssh connection to set up the terms of the communication, sharing keys etc., but then will do the communication on the side.
A:
Just pick a random symmetric key on one side, send it to the other side over the ssh connection, then use that key to encrypt your side traffic. A 128-bit AES key should work fine; encryption/decryption using AES is fast and secure.
You should pass a random initialization vector as well. Doesn't need to be over ssh, but passing it together with the key is probably easiest.
Keith Randall
2010-05-16 18:17:00
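
The scheme from the answer above, as an added example that is not part of the original post: one side generates a random 128-bit AES key plus IV material, shares both over ssh, and each chunk of side traffic is then encrypted under them. The answer names no cipher mode; AES-128-GCM is assumed here so that modified chunks are rejected, and the `Channel` type, the 20-byte secret layout and the per-chunk sequence number are hypothetical choices.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// Channel (hypothetical type) protects one direction of side traffic with AES-128-GCM.
type Channel struct {
	aead   cipher.AEAD
	prefix []byte // random 4-byte nonce prefix, the "IV" sent with the key
}

// NewChannel takes the 20 bytes shared over ssh: 16 key bytes + 4 prefix bytes.
func NewChannel(secret [20]byte) (*Channel, error) {
	block, err := aes.NewCipher(secret[:16])
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &Channel{aead, secret[16:]}, err
}

// nonce builds the 96-bit GCM nonce prefix||seq; seq must never repeat.
func (c *Channel) nonce(seq uint64) []byte {
	n := append(make([]byte, 0, 12), c.prefix...)
	return binary.BigEndian.AppendUint64(n, seq)
}

func (c *Channel) Seal(seq uint64, chunk []byte) []byte {
	return c.aead.Seal(nil, c.nonce(seq), chunk, nil)
}

// Open reverses Seal; it fails if the chunk was altered or reordered.
func (c *Channel) Open(seq uint64, ct []byte) ([]byte, error) {
	return c.aead.Open(nil, c.nonce(seq), ct, nil)
}

func main() {
	var secret [20]byte // generated on one side, sent to the peer over ssh
	if _, err := rand.Read(secret[:]); err != nil {
		panic(err)
	}
	ch, _ := NewChannel(secret)
	pt, err := ch.Open(0, ch.Seal(0, []byte("constructed sample chunk")))
	fmt.Println(string(pt), err)
}
```

Use a separate secret for each direction of traffic, because encrypting two different chunks under the same key and nonce breaks GCM.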