On Fri, Nov 23, 2001 at 01:01:23PM +0100, Fabrizio Morbini wrote: > Hi, I'm new in CODA so I would address you this question: you in the > chapter "Authentication and secure connections." said that is simple > add DES encryption (or other strong encryption) to CODA, but why I > can't find a version of CODA that include this? (I think that the > encryption is necessary in our networks)
There isn't any, you could try to modify the rpc2_Decrypt and rpc2_Encrypt functions rpc2/rpc2-src/secure.c to wrap around cryptographic functions provided by openssl (libcrypto). I believe that using real encryption will probably break retransmitting SFTP packets because some encrypted fields in the header are modified in the encrypted packet instead of a a decrypted version and re-encrypting it. There was also a group in germany that wanted to create a more secure version of RPC2, check the 'codadev' mailinglist archives, Nov 2000, subject "making rpc2 more Secure". > You can instruct me (the basic guidelines (steps, documentation (from > "earth" to "space")), the sites where I can find a good implementation > of the encryption algorithms (gpg?),...) on how can be added DES (or > others) to the CODA code? Best bet for the actual encryption routines is openssl, it is already widely used and installed on most systems that have f.i. openssh. Jan
