Re: Diskless export/import - here's a method to do so

From: Chuck <chuckh_nospam_at_softhome.net>
Date: 10 Feb 2004 16:52:57 GMT
Message-ID: <Xns948B78DFDCF87chuckhsofthomenet@130.133.1.17>

jared_at_hwai.com (Jared) wrote in
news:480f610.0402060742.746f72f1_at_posting.google.com:

> Chuck <chuckh_nospam_at_softhome.net> wrote in message
> news:<Xns948663D4D8D65chuckhsofthomenet_at_130.133.1.4>...

>> jared_at_hwai.com (Jared) wrote in 
>> news:480f610.0402050622.78d3433f_at_posting.google.com:
>> 
>> Nice to see people thinking a little outside the box. I had a similar
>> situation a while back and came up with a similar solution. It used
>> ftp to move the data instead of ssh. I suspect NFS could also be used
>> but have never tested it.
>> 
>> ssh is a nice solution because you could potentially move data
>> accross a public network in a secure manner.

>
> Thanks. Yeah, the point was to make it nominally secure; I'm
> consulting at a multinational and am trying to get people thinking in
> those terms. Of course, one could always try sniffing the keys :-) .
>
> Kind regards,
> jh
>

There is no "sniffing the keys". SSH is based on public key cryptography. Just because they sniff a public key sent back to the client doesn't mean they can decrypt the data. You need both public and private keys to do that, and also the session key once the initial negotiation is completed. If you are using the current version of openssh, your data is perfectly secure as far as somone with a network sniffer goes.

-- 
Chuck
Remove "_nospam" to reply by email

Received on Tue Feb 10 2004 - 10:52:57 CST