[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program



> 
> 
> Stephen D. Williams writes:
> > It occurred to me that it wouldn't be too tough to have one CFSD
> > open a TCP/socket connection to another CFSD and pass file access
> > requests instead of implementing them locally.  The encryption
> > of the ssh link and the on disk encryption of CFSD should be a 
> > good combination.
> 
> The whole point of CFS was that you could mount remote devices that
> were encrypted and decrypt them locally. CFS acts like a scrim over
> existing file systems. If the remote machine has your keys on it
> you've reduced security and, seemingly to me, gained very little.
> 
> Now, what *would* be really neat would be an implementation of CFS in
> kernel under 4.4lite using the stacked vnode architecture. It would
> probably be fairly simple to do it, and you wouldn't have any context
> switches or the like when cfs'ing...
> 
> Perry

That's true.  I was thinking in terms of traversing firewalls in a
safe fashion rather than where normal SUN/RPC NFS is available.

For this, using CFS and SSH together seems appropriate.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) [email protected] http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95