On Monday 20 April 2009 14:59:55 cpghost wrote: > On Mon, Apr 20, 2009 at 12:46:05PM +0200, Wojciech Puchar wrote: > > use rsh not ssh unless you really need encryption. > > Sure, you *could* do that, but be sure to encrypt *and* sign the > backup stream beforehand, e.g. using openssl or gnupg... And even > then, anyone sniffing that poorly encrypted (at layer 2) wireless LAN > connection could still hijack the password, log into the backup host, > and delete or corrupt the (encrypted) dump files. > > Perhaps it's better to use ssh anyway, even for encrypted and signed > dump files. Creating and transfering a couple of key files to the > clients and backup host and using ssh(1) is not hard. Really not. ;-)
But doesn't use full network capacity. Closed circuit LAN's (yes, they still do exist) don't need ssh, but a level 0 dump of several TB of data does need full lan speed. -- Mel _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"