why was this needed when ssh already existed?
>why didnt they send the space shuttle to rescue the apollo 13 astronauts
>>106730143>about 56 hours into the flight, while stirring oxygen tanks, a tank exploded. the explosion crippled the Service Module, knocking out power, oxygen, and propulsion. that's when Jack Swigert reported the famous line: "Houston, we've had a problem."
>Howouston, we got a big pwoblem >.<`
We never went to the moon.
>>106730437tzd
>>106730134it uses the same tech as ssh
>sshset up sshd, generate some keypairs on client devices, add the public keys to sshd and it just werks>httpsneed to have a real domain name, have to fuck around with Let's Encrypt challenges, and set up cronjobs or whatever so that you can have short lived certs (3 months) that are le trustedOR fuck around with self-signed certs and big scary screens telling you hackers are going to steal your monies unless you add your fake ass CA to the system's trusted root CA list on every single client devicewhy does it suck so much?
>>106730134That's... a really good question. Why do cloud storage services have a HTTP web interface? Just mount it as a local drive. (Yes I know there is software to do this)
>>106730656Very antisemitic. Delete this.
>>106730656>sshYou get a warning on the first connection to a remote host. Then if you save the fingerprint it will never ask for that again unless you change key pairs.>httpsYou can use self-signed certificates but many gay browsers reject them.>>106730740The noticing will continue.
>>106730134it used to be that everyting was cleartext or imagescard numbers site addresses pretty much allnot so nice as there were no network switch but hub that send all data to all network ports
>>106730656They want to control you.
>>106730134HTTPS stands for HTTP over SSH.
>>106731006Hyper Tension Titty Pinchers over SSH?
>>106730134ssh doesn't have certificate authorities.
>>106730656If you don't care about security on an internal network, why not just use plain http? Nothing forces you to use https.>>106730666Because http is the lingua franca of the modern web, supporting CIFS or NFS or Plan9 or whatever remote filesystem you want them to would be overhead for basically no reason.>>106730870All CA's are self-signed, the only way a browser can reject them if it maintains its own CA bundle, which is just that browser being dumb and not respecting the system defaults.
>>106730134Because creating and maintaining ssh connections is comparatively computationally expensive.
>>106732329stream video over ssh and you will saturate things
>>106731079>argumentum ad verecundiam
>>106730656>fuck around with self-signed certscurious that when talking about ssh it's just "le simple generate le key" but basically the same exact thing (gen key -> gen cert) becomes "fuck around">big scary screens telling you hackers are going to steal your monies unless you add your fake ass CA to the system's trusted root CA list on every single client deviceThat's the client software, nothing to do with HTTPS. When I ssh into a new machine I am asked to trust it, just like with a self signed HTTPS websiteTLDR: kys tech illiterate
>>106731079https://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpenSSHRestrictingCertAuthority
>>106730656>httpsA solved problem with caddy and the like
>>106734209>curious that when talking about ssh it's just "le simple generate le key" but basically the same exact thing (gen key -> gen cert) becomes "fuck around"Because generating CA is not that simple as generating key pair for ssh: there are bunch of settings that you have to take into account in order to make CA certificated that won't be invalidated browser and then a setting or two to make it installable in Android.
>>106730134top lmao
just use tor-hidden-service
>>106730437>>106730474I doubt this too because IF they did it in the 60s, why can't they do it now with much better technology? very suspicious
>sshhow's the site owner going to allow your public ssh key to make connection to the URL?
Totally different usecase. Great thread.
