[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
Stephen D. Williams writes:
> It occurred to me that it wouldn't be too tough to have one CFSD
> open a TCP/socket connection to another CFSD and pass file access
> requests instead of implementing them locally. The encryption
> of the ssh link and the on disk encryption of CFSD should be a
> good combination.
The whole point of CFS was that you could mount remote devices that
were encrypted and decrypt them locally. CFS acts like a scrim over
existing file systems. If the remote machine has your keys on it
you've reduced security and, seemingly to me, gained very little.
Now, what *would* be really neat would be an implementation of CFS in
kernel under 4.4lite using the stacked vnode architecture. It would
probably be fairly simple to do it, and you wouldn't have any context
switches or the like when cfs'ing...
Perry