This might be a non-programming question.
Exposition:
1) I am using Linux.
2) I have two C++ programs, “client” and “server”; they run on different machines, and they currently talk over TCP/IP. I have the source code to both programs.
3) Neither program does buffer overflow checking / defense against man-in-the-middle attacks / MAC / encryption.
4) I don’t want to add this extra layer of complexity to my programs.
5) I want to have the two programs just talk over an SSH channel (but both client & server are running on machines that are multi-user; so if I just open up ports, other users may access them too).
Question:
What is the least intrusive way to get client & server to talk to each other over a secure channel?
Thanks!
As far as programming solutions go, you’d need OpenSSL or GnuTLS. Out of those two, the latter is a lot more cleanly written (OpenSSL has many pitfalls).
For a really elegant solution one would use OpenSSL via boost::asio, but that solution is probably suitable only if you’re starting a new project.
In terms of user-space solutions, if you could set up both programs to run as a specified user, you could probably set up an SSL tunnel for them, but that highly depends on how you want connections to be established.
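Added example, not part of the original thread: on a multi-user machine, a tunnel endpoint exposed as a local TCP port can be reached by every local user, so the "specified user" idea needs an endpoint that refuses everyone else. This C++ code assumes (not stated in the thread) that the local endpoint is a Unix domain socket on Linux, which OpenSSH can also forward; `listen_private`, `peer_is_uid` and `accept_from_uid` are hypothetical names.

```cpp
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>
#include <cstring>
#include <string>

// Create a listening Unix domain socket whose file mode is 0600, so only
// the owning user can connect. Returns the listening fd, or -1 on error.
// Note: umask() is process-wide; call this before starting other threads.
int listen_private(const std::string& path) {
    sockaddr_un addr{};
    if (path.size() >= sizeof(addr.sun_path)) return -1;
    addr.sun_family = AF_UNIX;
    std::memcpy(addr.sun_path, path.c_str(), path.size() + 1);

    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    unlink(path.c_str());                 // remove a stale socket file
    mode_t old = umask(0177);             // bind() creates the file as 0600
    int rc = bind(fd, reinterpret_cast<sockaddr*>(&addr), sizeof(addr));
    umask(old);
    if (rc != 0 || listen(fd, 8) != 0) { close(fd); return -1; }
    return fd;
}

// True only if the process on the other end of fd runs as `allowed`.
// SO_PEERCRED is Linux-specific and reports the peer's effective uid
// as recorded by the kernel at connect() time.
bool peer_is_uid(int fd, uid_t allowed) {
    ucred cred{};
    socklen_t len = sizeof(cred);
    if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &len) != 0) return false;
    return len == sizeof(cred) && cred.uid == allowed;
}

// Accept one connection and drop it unless the peer runs as `allowed`.
// Returns the connected fd, or -1 if accept failed or the peer was refused.
int accept_from_uid(int listen_fd, uid_t allowed) {
    int c = accept(listen_fd, nullptr, nullptr);
    if (c >= 0 && !peer_is_uid(c, allowed)) { close(c); c = -1; }
    return c;
}
```

The file mode stops other users from connecting at all, and the credential check is a second layer in case the socket ends up in a directory or with permissions other than intended.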