[lug] Re: securing files

Peter Hutnick peter-lists at hutnick.com
Tue Apr 23 15:44:25 MDT 2002

Hash: SHA1

On Tuesday 23 April 2002 03:13 pm, Bear Giles wrote:

> But neither is really supported on Linux, partially due to the
> odd fetish for SSH/SSL, so there's the third option which is running
> NFS over (Open)SSH tunnels.  There was a detailed article in SysAdmin
> a few months ago on how to do this.

I think that the . . . frequent use of OpenSSH is for very good reasons.

It is a good, inter operable, Free implementation of a reliable, open 
protocol.  It has a good history of not having an excessive number of 
security problems.  What problems there are are almost instantly patched and 
widely published.  It is actively maintained, and seems to have a friendly 
interface.  (I haven't used it, but a buddy of mine whipped ssl support into 
his load-tester in no time using it.)

IMO this beats the crap out of every Joe rolling his own, half-baked 
encryption subsystem.

Yes it leaves all the eggs in one basket, but there are a hell of a lot of 
people making sure that basket stays upright.

- -Peter

- -- 
/"\ ASCII Ribbon campaign against HTML e-mail
\ /
 X   Get my PGP key at http://hutnick.com/pgp
/ \  6128 5651 6F23 EC17 6EBD  737D 960A 20E6 76CA 8A59
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org


More information about the LUG mailing list