Subject: Re: ssh - are you nuts?!?
To: None <opentrax@email.com>
From: Andrew Brown <atatat@atatdot.net>
List: tech-security
Date: 12/20/2000 11:18:30
>>> > > Are there any more features that might make SSH valuable?
>>> > 
>>> > TCP tunnelling.
>>> 
>>> Could be good point, however, in many cases you'll end up with tcp over tcp
>>> which isn't a good idea. To point out one issue with that look here:
>> 
>> No, because in case of ssh it's not the tcp packets which are carried by the
>> tunnel but user's data.
>> 
>My understanding is "tunnel", as a concept in SSH, is a feature
>of port forwarding. This seems like a good feature, but something
>that is rarely usable. Am I mistaken?

if you were transporting a ppp connection through an ssh connection,
that would probably suffer from the problems described in the below
url.  ssh'd port forwarding just takes the data from a tcp connection
and pushes through a different tcp connection (one that is encrypted,
usually).

>>> http://sites.inka.de/sites/bigred/devel/tcp-tcp.html
>>> 
>>> To come back on ssh, two other advantages (forgive my worse English) are
>>> 1) RSA-based host authentication. 
>>> 2) Instead of giving in a username you can also use RSA based authentication
>>> with a passphrase. It's shortly explained in ssh(1) (man 1 ssh).
>>> 
>>> In these days of the internet it's more like: RIP telnet :)
>>> But ..... using ipsec and telnet isn't that bad.
>> 
>> Yes, if the remote end supports ipsec.
>> 
>Yes, but isn't that the same requirement from SSH?
>That both ends support SSH (1 or 2 or both).

yes, both ends have to support it, but getting both ends to support a
cooperative ssh version is much easier than getting both ends to use
ipsec.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."
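
Added example, not part of the original message: a minimal loopback port forwarder showing the behaviour described in the reply above, where the payload of one tcp connection is re-sent over a second, independent tcp connection, so no tcp segments are ever nested inside another tcp stream. The function names, the echo target and the sample payload are assumptions made for the illustration, and the relay leg is left unencrypted, unlike ssh.

```python
import socket
import threading

def pump(src, dst):
    """Copy payload bytes from src to dst until EOF, then half-close dst."""
    try:
        while (data := src.recv(4096)):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def serve(handler):
    """Run handler(conn, peer) per connection on an ephemeral loopback port."""
    lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    lsock.bind(("127.0.0.1", 0))
    lsock.listen(5)
    def loop():
        while True:
            conn, peer = lsock.accept()
            threading.Thread(target=handler, args=(conn, peer), daemon=True).start()
    threading.Thread(target=loop, daemon=True).start()
    return lsock.getsockname()[1]

def start_forwarder(target_port, log):
    """Relay each client over a *new* tcp connection (hypothetical, no crypto)."""
    def handler(client, _peer):
        upstream = socket.create_connection(("127.0.0.1", target_port))
        log.append(upstream.getsockname()[1])  # source port of the second leg
        threading.Thread(target=pump, args=(upstream, client), daemon=True).start()
        pump(client, upstream)
    return serve(handler)

def demo(payload=b"constructed sample payload"):
    """Return (reply, peer port seen by target, forwarder's upstream port)."""
    seen, log = [], []
    def echo(conn, peer):
        seen.append(peer[1])
        pump(conn, conn)  # echo the bytes back, half-close on EOF
    fwd_port = start_forwarder(serve(echo), log)
    with socket.create_connection(("127.0.0.1", fwd_port)) as c:
        c.sendall(payload)
        c.shutdown(socket.SHUT_WR)
        reply = b"".join(iter(lambda: c.recv(4096), b""))
    return reply, seen[0], log[0]
```

The target's peer is the forwarder's own socket, so each leg does its own retransmission and congestion control; only the byte stream crosses from one leg to the other.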