Author Topic: G++  (Read 14066 times)

0 Members and 2 Guests are viewing this topic.

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
G++
« on: August 30, 2006, 04:23:52 pm »
Anyone know where I can find a download for this?  I have searched google and I haven't found any sites that have a download option, just an explination of what G++ is. :(

The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline Explicit

  • Hero Member
  • *****
  • Posts: 717
  • Hail Bender!
    • View Profile
Re: G++
« Reply #1 on: August 30, 2006, 04:25:22 pm »
Quote
Like all things in life, pumping is just a primitive, degenerate form of bending.

Quote
Hey, I don't tell you how to tell me what to do, so don't tell me how to do what you tell me to do! ... Bender knows when to use finesse.

[13:41:45]<@Fapiko> Why is TehUser asking for wang pictures?
[13:42:03]<@TehUser> I wasn't asking for wang pictures, I was looking at them.
[13:47:40]<@TehUser> Mine's fairly short.

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #2 on: August 30, 2006, 04:42:31 pm »
Hrmmm.. Now I feel dumb, but how do I open a .tar file?  And does G++ have an IDE version?  Does any of that make sense?

I feel so stupid. :(
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline Ender

  • x86
  • Hero Member
  • *****
  • Posts: 2390
    • View Profile
Re: G++
« Reply #3 on: August 30, 2006, 05:08:49 pm »
GCC stands for the GNU Compiler Collection, and G++ is the GNU C++ compiler in that collection. Being a compiler collection, there are no IDEs that come with GCC, but IDEs can be used ontop of G++ just as they can be used ontop of any other compiler. I believe that the Dev-C++ IDE comes integrated with GCC.

If you're on Windows, there are many programs you can download that can unarchive tar files, but Windows doesn't come with any of them (eh, can't speak for vista). You can download the tar program for Windows, but from my experience it doesn't work very nicely on Windows (it doesn't have a few functionalities that it has on *nix). So if you're on Windows I would recommend 7-Zip. If you're on *nix, you already have it, so do: tar xvfz filename.tar.gz       or tar xvf filename.tar, the 'z' if it has gzip compression. Eh, and if you have Tiger, then... not sure if it comes with tar but give a whirl and there's definitely programs for untarring for Mac.

Also, if you're not on 'nix, be sure to download the pre-compiled package.

Don't feel stupid for asking questions. That attitude would destroy the purpose of a forum. There's nothing embarassing in learning. This response is long-winded but I hope it helps.
« Last Edit: August 30, 2006, 05:23:02 pm by Ender »

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #4 on: August 30, 2006, 05:13:52 pm »
To both of youze: it's gcc and g++, not capitalized.  "G++" confused me, but "g++" didn't, because the tools have lowercase names. 

If you're planning on using g++ from Windows, get Dev-c++ from http://www.bloodshed.net.  It's an IDE (other name for a GUI) that uses the Windows version of g++ and gcc to compile programs. 

But typically, gcc and g++ are command-line-based Unix/Linux compilers.  It's pretty rare to use them on Windows, except for educational purposes.

If you're on Linux and want to learn about .tar files, type "man tar" -- they give you examples at the top. 

If you're on Windows and want to play with tar files, you can use WinRAR.  But typically, tar files are intended for Linux. 

Offline Ender

  • x86
  • Hero Member
  • *****
  • Posts: 2390
    • View Profile
Re: G++
« Reply #5 on: August 30, 2006, 05:18:26 pm »
To both of youze: it's gcc and g++, not capitalized.  "G++" confused me, but "g++" didn't, because the tools have lowercase names. 
Well, that's just because Linux is base 39. Wikipedia capitalizes it =p. And we all know Wikipedia is always correct.
http://en.wikipedia.org/wiki/GNU_Compiler_Collection

Now begins the English vs. 'nix flamewars.


« Last Edit: August 30, 2006, 05:22:29 pm by Ender »

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #6 on: August 30, 2006, 05:33:40 pm »
Yeah, that's totally wrong. :P

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #7 on: August 30, 2006, 06:24:16 pm »
Thank you guys for your help.  And thanks Ender for making me feel less stupid. :P

I will download that Dev IDE.  I was just getting sick of having to telnet to our UNIX server for typing in a program and then having to use this hugemongus command to compile it.  It was getting on my nerves and I like having an IDE better. 

Thanks again guys. ^^

P.S.

Sorry about the caps thing.  Of course Ron would get "confused" by such a simple mistake. :P
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #8 on: August 30, 2006, 06:50:23 pm »
Thank you guys for your help.  And thanks Ender for making me feel less stupid. :P

I will download that Dev IDE.  I was just getting sick of having to telnet to our UNIX server for typing in a program and then having to use this hugemongus command to compile it.  It was getting on my nerves and I like having an IDE better. 

Thanks again guys. ^^

P.S.

Sorry about the caps thing.  Of course Ron would get "confused" by such a simple mistake. :P

Hugemongus?  If you have a program called "myprogram.c", you type "gcc myprogram.c".  That's not hard!  Everything else (like -o) is gravy. 

My favorite way of that solving the problem was installing Linux on my laptop.  But that's just me :P

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #9 on: August 30, 2006, 07:05:29 pm »
I have to do it this certain way.  And the command is not that simple..

It's: g++ -W -Wall -s -pedantic-errors name.cpp -o name

Then after that to actually get my file to run, I have to type:
./name

I find that a tad bit annoying.  I rather debug my program using an IDE then messing with a dos screen.  :P

And yes, hugemongus.  It's a word that I use all the time to exaggerate how big something is. :P

And yeah, my Dad told me I should use VMWare instead of dual booting my laptop. But, I don't know.  I want both Windows and a linux based operating system on my computer. 
« Last Edit: August 30, 2006, 07:07:09 pm by AntiVirus »
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline Newby

  • Moderator
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: G++
« Reply #10 on: August 30, 2006, 07:25:29 pm »
I wouldn't use VMware unless your computer can handle another OS running inside of it...

And that command is rather easy, btw. Look at some of the commands in Makefiles. Look how hard that'd be!

You should write a Makefile for your projects. :)
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #11 on: August 30, 2006, 08:31:35 pm »
It's: g++ -W -Wall -s -pedantic-errors name.cpp -o name

I think that -Wall is a superset of -W, I think. 

-s is useless.  Actually, -s is bad -- it strips debugging information

I think -pedantic-errors is a bad thing, it lets you use functions that you shouldn't use, I think?  That doesn't seem right, but that's the impression I get from the man-page....

And you don't need -o, if you leave off -o it calls the output file "a.out". 


But using all those doesn't hurt.  However, Newby's right, a Makefile would make your life far easier. 

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #12 on: August 30, 2006, 09:52:13 pm »
Lmao.  I don't know how to make a makefile.  And besides, I am just doing what my teacher tells me to do. :P
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: G++
« Reply #13 on: August 31, 2006, 12:13:58 am »
Your teacher should *teach* you how to install this stuff. :)
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
    • View Profile
Re: G++
« Reply #14 on: August 31, 2006, 10:33:06 am »
Not really.  Usually teachers have machines setup with all this stuff ahead of time.  Sounds like AV is doing this at home.

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #15 on: August 31, 2006, 02:27:59 pm »
I am doing it at home. :P

I am just doing what my professor told me to do.  No need to argue, he probably has it set up like that because of the way the files are accepted or something to that nature.
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #16 on: August 31, 2006, 04:26:55 pm »
I am doing it at home. :P

I am just doing what my professor told me to do.  No need to argue, he probably has it set up like that because of the way the files are accepted or something to that nature.

No, he's likely doing it because you're new to it and he doesn't want to confuse you, so the "do it exactly like this"-style of thing is more useful.  Once you do it for awhile, you should start to figure out what the different flags do, why you're doing it that way, etc.  But all in time..

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #17 on: August 31, 2006, 05:31:03 pm »
Yes.. All in time.
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline MyndFyre

  • Boticulator Extraordinaire
  • x86
  • Hero Member
  • *****
  • Posts: 4540
  • The wait is over.
    • View Profile
    • JinxBot :: the evolution in boticulation
Re: G++
« Reply #18 on: September 01, 2006, 02:23:44 pm »
Hrmmm.. Now I feel dumb, but how do I open a .tar file?  And does G++ have an IDE version?  Does any of that make sense?

I feel so stupid. :(

WinZip will open a .tar file as well as .tar.gz and I believe .tar.bz2 files.
I have a programming folder, and I have nothing of value there

Running with Code has a new home!

Our species really annoys me.

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #19 on: September 01, 2006, 02:38:50 pm »
Alright, cool.  That'll help me in the future. ^^

Danke, Myndfyre.
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #20 on: September 01, 2006, 02:54:04 pm »
Just use WinRar. :-\

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #21 on: September 01, 2006, 06:26:19 pm »
Hrmmm.. Now I feel dumb, but how do I open a .tar file?  And does G++ have an IDE version?  Does any of that make sense?

I feel so stupid. :(

WinZip will open a .tar file as well as .tar.gz and I believe .tar.bz2 files.

Last time I checked, WinZip didn't auto-associate with .tar files, so I just assumed it didn't recognize them.  Maybe that was a mistake. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #22 on: September 01, 2006, 06:57:29 pm »
I've never opened a bzip2 or gzip file with winzip, so I wouldn't have guessed that either.  I like WinRar quite a bit more anyway.

Offline Rule

  • x86
  • Hero Member
  • *****
  • Posts: 1588
    • View Profile
Re: G++
« Reply #23 on: September 02, 2006, 12:38:09 am »
re: long "g++ command"...

Make a C/C++ program to do it for you :)

Something like...

clink.c
Code: [Select]
#include <stdlib.h>
#include <stdio.h>

void usage();

int main(int argc, char *argv[])
{
  char *flags = "-W -Wall -s -pedantic-errors";
  char compilecommand[150]="\0";

  if (argc != 3)  usage();
 
  else
  {
    snprintf(compilecommand, 149, "g++ %s %s -o %s", flags, argv[1], argv[2]);
    system(compilecommand);
  }

  return 0;
}

void usage()
{
  fprintf(stderr, "Usage: ./clink [source file] [desired name of executable]\n");
  fprintf(stderr, "Example: ./clink testprog.c testworked\n");
  fprintf(stderr, "Warning: If the combined lengths of the source file and executable are too long,
           compilation and linking will not be successful\n");


Where I am (today), I don't have easy access to a C compiler or the time to access one.  So, that code might have bugs (I wrote it in 90 seconds, and I didn't test it)!  If so, treat it as a debugging exercise, but I hope it's bug free and makes your life easier. :)

Of course, writing a makefile would ordinarily make more sense, but this is a good way to practice C.

Edit: To compile clink.c, try something like
Code: [Select]
gcc -ansi -pedantic -Wall clink.c -o clink

To give yourself permission to execute clink,
Code: [Select]
chmod u+x clink

Also, you're lucky to be learning C++ and not Java as a first language!
« Last Edit: September 02, 2006, 12:54:23 am by Rule »

Offline Newby

  • Moderator
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: G++
« Reply #24 on: September 02, 2006, 01:19:48 am »
Just write a really simple shell script program to do it for you. I mean, that's nice for practicing his C and all, but he'll have plenty of time to learn C. :)

Quote
newby@impaler:~/programming$ cat test.c
#include <stdio.h>

int main()
{
        printf("Hello, world!\n");
        return 0;
}
newby@impaler:~/programming$ ./clink.sh test.c outputfile
newby@impaler:~/programming$ ./outputfile
Hello, world!

Code: [Select]
newby@impaler:~/programming$ cat clink.sh
#!/bin/sh

FLAGS='-W -Wall -s -pedantic-errors'

if [ $# -ne 2 ]; then
        echo 1>&2 "Usage: $0 [source file] [desired executable of name]"
        echo 1>&2 "Example: ./$0 testprog.c testworked"
        echo 1>&2 "Warning: If the combined lengths of the source file and executable are too long, compilation and linking will not be successful"
else
        gcc $FLAGS $1 -o $2
fi
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline Explicit

  • Hero Member
  • *****
  • Posts: 717
  • Hail Bender!
    • View Profile
Re: G++
« Reply #25 on: September 02, 2006, 01:29:23 am »
I think you guys may be over-complicating things, at least for now.
Quote
Like all things in life, pumping is just a primitive, degenerate form of bending.

Quote
Hey, I don't tell you how to tell me what to do, so don't tell me how to do what you tell me to do! ... Bender knows when to use finesse.

[13:41:45]<@Fapiko> Why is TehUser asking for wang pictures?
[13:42:03]<@TehUser> I wasn't asking for wang pictures, I was looking at them.
[13:47:40]<@TehUser> Mine's fairly short.

Offline Ender

  • x86
  • Hero Member
  • *****
  • Posts: 2390
    • View Profile
Re: G++
« Reply #26 on: September 02, 2006, 09:15:35 am »
Not really. It's a good practice in programming to automate the building process. Although, all of you should keep in mind that he's on Windows (or at least I thought he was!)

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #27 on: September 02, 2006, 03:58:36 pm »
If you are talking about me, then yes, I am on Windows. :P

I don't have *nix on my laptop yet, but I do have to telnet over to a UNIX server to submit my homework and compile my program.
« Last Edit: September 02, 2006, 04:02:01 pm by AntiVirus »
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #28 on: September 02, 2006, 04:33:51 pm »
... telnet?  surely you mean ssh? :(

Offline Rule

  • x86
  • Hero Member
  • *****
  • Posts: 1588
    • View Profile
Re: G++
« Reply #29 on: September 02, 2006, 04:36:47 pm »
It could be telnet :P.  Makes me sentimental for a time that has long passed. :'(

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #30 on: September 02, 2006, 04:40:50 pm »
It could be telnet :P.  Makes me sentimental for a time that has long passed. :'(

Haha.  I don't think the Unix machines here have telnet running, but SSH is open to the outside world on all of the lab machines.  They all have unique ip's.

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #31 on: September 02, 2006, 06:13:56 pm »
I mean telnet. :P
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #32 on: September 02, 2006, 10:18:41 pm »
Haha, all our University servers ran SSH and Telnet, but you wouldn't catch me dead with Telnet.  It's just a dumb thing to use, you're asking to get your account stolen. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #33 on: September 03, 2006, 12:37:32 am »

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: G++
« Reply #34 on: September 03, 2006, 01:10:32 am »
:( ??? :( :( :( :'( ???
The many faces of sidoh.
Sad, confused, and teary-eyed.
In other words: emo and stupid.
Hehe.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: G++
« Reply #35 on: September 03, 2006, 01:17:11 am »
Yeah, I am aware that Telnetting isn't safe, but it's what the school (as in our class) is making me do.  I suppose if anythign happens, it's their fault.  I'm not too worried if someone gets my password for my account.  I only use that password for my school E-mail account, so no harm if they do.
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.


"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #36 on: September 03, 2006, 01:45:22 am »
They get your password -> they log onto your account -> they hack/spam/etc -> you get in shit, expelled, etc. 

And sniffing telnet passwords is something that's reasonably common, I've heard stories about it more than once. 

Telnet should be banned, and everybody who uses it should be shot.  And, while we're at it, FTP. :)

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #37 on: September 03, 2006, 02:27:37 am »
Haha, FTP is terrible too.  It's too damn widespread to kill, though.  I really need to start using SFTP...

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: G++
« Reply #38 on: September 03, 2006, 02:31:07 am »
Plus I remember iago saying something about SFTP being faster than FTP because it's encryption algorithm comes out smaller than it's input? I don't see how that's possible but eh.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #39 on: September 03, 2006, 03:08:53 am »
Plus I remember iago saying something about SFTP being faster than FTP because it's encryption algorithm comes out smaller than it's input? I don't see how that's possible but eh.

Maybe during login, but it wouldn't be faster for the rest of the datastream to require less bandwidth.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #40 on: September 03, 2006, 03:21:13 am »
SFTP supports in-line compression:

     -C      Compression enable.  Passes the -C flag to ssh(1) to enable comĀ­
             pression.

So it can be faster, depending on the data. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #41 on: September 03, 2006, 03:28:04 am »
Faster transmision, slower parsing and storing.  Seems like a moot tradeoff to me, though I can see where it would be advantageous.

Offline nslay

  • Hero Member
  • *****
  • Posts: 786
  • Giraffe meat, mmm
    • View Profile
Re: G++
« Reply #42 on: September 03, 2006, 05:48:50 am »
Well, ssh is only safer once you have established the authenticity of the RSA/DSA keys of the host.
On your first connect, a man-in-middle attack can still occurr.  Scary huh?
That's why certificate authorities exist, to prevent any possible situation where man-in-middle attacks can happen.

Here's how SSH works, or something along these lines:
Client connects to Server
1) Server sends DSA or RSA public key
2) Client generates a private DSA or RSA key by using some of the parameters from the server's public key
3) Client dups a DH key from the newly generated private key and computes a secret key K with the DH key and server's pub_key
4) Client takes a cryptographic hash of the secret key K and signs with the private DSA or RSA key
5) Client sends the signature and public DSA or RSA key
6) Server, like 3, computes a secret key K
7) Server verifies the signature against client's DSA or RSA public key
8) Server, like 4, signs K and sends signature
9) Client, like 6, verifies the signature

On a first connect, man-in-middle can happen because you don't have the server's public DSA or RSA key to begin with.  Therefore, the man in the middle can forge new keys and send his public key in place of the server's and basically conduct all 8 steps thereafter.
« Last Edit: September 03, 2006, 05:52:15 am by nslay »
An adorable giant isopod!

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: G++
« Reply #43 on: September 03, 2006, 12:40:08 pm »
Faster transmision, slower parsing and storing.  Seems like a moot tradeoff to me, though I can see where it would be advantageous.
True, but when transferring a file over the Internet, the connection speed is almost always the bottleneck, unless you're going over a LAN.  Even then, I suspect that network speed is probably the bottleneck. 

Do you just like arguing with everything you read lately?  You seem more argumentative than usual :P


Well, ssh is only safer once you have established the authenticity of the RSA/DSA keys of the host.
On your first connect, a man-in-middle attack can still occurr.  Scary huh?
Not really. 

With something like a school server, you're probably connecting to it every day.  Statistically, the odds of somebody doing a MitM the very first time you connect is actually pretty low, the same way the odds of somebody sniffing your telnet/FTP/pop3 password is pretty low.  However, when you do it every day, or several times a day, the odds of being attacked steadily increase.  It's the same way as on Battle.net -- the weakest point in the War3 authentication is creating your account, since you have to send some sensitive data over the wire, but that's so rare compared to logins that the risk is fairly low. 

Yes, having a trusted CA would mitigate the risk, but CAs charge money for their services.  I don't think every University server, every home Linux user, everybody who wants to use SSH for remote access wants to pay for a CA to store their key. 

We have to remember that there is no perfect solution to security.  Security is about weighing the risks against the difficulties, and implementing controls that mitigate the risks to the point where the risks are low, but the usability is high.  If you add too much security, your network becomes unusable and users will circumvent your controls, and if you add too little security you're at risk.  A good example of that is enforcing stupid password policies, so people write them down and stick them to the monitor. 

SSH is sort of the same way.  If you start making life difficult without signing up for a CA (the same way that SSL does), then you're going to end up finding more people using telnet because of the headache caused by SSH.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: G++
« Reply #44 on: September 03, 2006, 12:49:38 pm »
Well, ssh is only safer once you have established the authenticity of the RSA/DSA keys of the host.
On your first connect, a man-in-middle attack can still occurr.  Scary huh?
That's why certificate authorities exist, to prevent any possible situation where man-in-middle attacks can happen.

I know.  It is still invariably more secure than a plaintext protocol.

On a first connect, man-in-middle can happen because you don't have the server's public DSA or RSA key to begin with.  Therefore, the man in the middle can forge new keys and send his public key in place of the server's and basically conduct all 8 steps thereafter.

I know. ;)

True, but when transferring a file over the Internet, the connection speed is almost always the bottleneck, unless you're going over a LAN.  Even then, I suspect that network speed is probably the bottleneck. 

Do you just like arguing with everything you read lately?  You seem more argumentative than usual :P

Haha, yeah.  I know that.  That's why I said "though I can see where it would be advantageous."  I didn't bother typing out the explanation.

However, if you have a server managing a few hundred clients and you have, say, 50 of them connected constantly sending data, it's going to be a very busy CPU.  How many cycles are spent decrypting packet data?  I know it depends on the algorithm used, but how about the default one used for SFTP?  It utilizes SSL, right?  So RSA, I think.

SSH is sort of the same way.  If you start making life difficult without signing up for a CA (the same way that SSL does), then you're going to end up finding more people using telnet because of the headache caused by SSH.

Haha, that's an excellent point.  I'm not much of a paranoid person, but I don't think I could live with using telnet every day in the place of ssh.  I recognize the potential risks involved with using SSH, but like iago said, the odds of that are way lower than using telnet every day.
« Last Edit: September 03, 2006, 12:55:18 pm by Sidoh »