Using a dumptype definition like below on the server:
define dumptype client-pubkey-encrypt-comp {
...
compress client
encrypt client
client_encrypt "/usr/local/sbin/amcrypt-ossl-asym"
client_decrypt_option "-d”
..
}
makes public key dumping work fine - with no need for the private key to be on
the client side.
Just wonder — Is there any way by which one can ‘lock’ this down on the client.
I.e. disallow the client (no matter what the server asks) to sent data any
other way than through amcrypt-ossl-asym and the locally known public key.
Dw.
