On Thu, Nov 15, 2012 at 09:12:53PM +0800, Paul Wise wrote: > On Thu, Nov 15, 2012 at 8:18 PM, Peter Pentchev wrote: > > > Description : create secure pipes between socket addresses > > > > spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically > > encrypted and authenticated pipes between socket addresses, so that one may > > connect to one address (e.g., a UNIX socket on localhost) and transparently > > have a connection established to another address (e.g., a UNIX socket on a > > different system). This is similar to 'ssh -L' functionality, but does not > > use SSH and requires a pre-shared symmetric key. > > > > spipe (pronounced "ess-pipe") is a utility which acts as an spiped protocol > > client (i.e., connects to an spiped daemon), taking input from the standard > > input and writing data read back to the standard output. > > Sounds similar to socat, which can connect endpoints (including SSL ones). > > stunnel is similar too. Thanks for your comments! I am familiar with Stunnel (I maintained the FreeBSD port for several years), and I have indeed examined the Swiss army knife that is socat, too. IMHO the advantages of spiped lie in its simplicity, its lean and mean design for doing just one thing and doing it well (and yes, I am quite aware that this is pretty much exactly how socat started Way Back When :)) and its speed. It does not attempt to start a full-blown OpenSSL session, it uses just symmetric cryptography with a preshared key (and an optional, on by default, Diffie-Hellman session key exchange) for robust, high-load client-server connections (as witnessed by its origin in the Tarsnap project). I personally think that it would be a useful alternative to have in Debian; of course, if people's opinion leans the other way, I would be prepared to withdraw the ITP. G'luck, Peter -- Peter Pentchev firstname.lastname@example.org roam@FreeBSD.org email@example.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 If you think this sentence is confusing, then change one pig.
Description: Digital signature