1995-07-12 - Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program

Header Data

From: sdw@lig.net (Stephen D. Williams)
To: perry@imsi.com
Message Hash: 10c052c6e656a93ee67c44b0098fc1c30f950373dd5a29cba25818e8438aa338
Message ID: <m0sWBfu-0009ydC@sdwsys>
Reply To: <9507122105.AA11297@snark.imsi.com>
UTC Datetime: 1995-07-12 23:14:04 UTC
Raw Date: Wed, 12 Jul 95 16:14:04 PDT

Raw message

From: sdw@lig.net (Stephen D. Williams)
Date: Wed, 12 Jul 95 16:14:04 PDT
To: perry@imsi.com
Subject: Re: ANNOUNCEMENT: Ssh (Secure Shell) remote login program
In-Reply-To: <9507122105.AA11297@snark.imsi.com>
Message-ID: <m0sWBfu-0009ydC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> Stephen D. Williams writes:
> > It occurred to me that it wouldn't be too tough to have one CFSD
> > open a TCP/socket connection to another CFSD and pass file access
> > requests instead of implementing them locally.  The encryption
> > of the ssh link and the on disk encryption of CFSD should be a 
> > good combination.
> 
> The whole point of CFS was that you could mount remote devices that
> were encrypted and decrypt them locally. CFS acts like a scrim over
> existing file systems. If the remote machine has your keys on it
> you've reduced security and, seemingly to me, gained very little.
> 
> Now, what *would* be really neat would be an implementation of CFS in
> kernel under 4.4lite using the stacked vnode architecture. It would
> probably be fairly simple to do it, and you wouldn't have any context
> switches or the like when cfs'ing...
> 
> Perry

That's true.  I was thinking in terms of traversing firewalls in a
safe fashion rather than where normal SUN/RPC NFS is available.

For this, using CFS and SSH together seems appropriate.

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95




Thread