Re: transfering files between *.debian.org hosts
- To: debian-project@lists.debian.org
- Subject: Re: transfering files between *.debian.org hosts
- From: Tollef Fog Heen <tfheen@err.no>
- Date: Tue, 02 Sep 2008 07:32:20 +0200
- Message-id: <[🔎] 87tzczcduj.fsf@xoog.err.no>
- Mail-followup-to: debian-project@lists.debian.org
- In-reply-to: <20080830123208.GD9633@anguilla.noreply.org> (Peter Palfrader's message of "Sat, 30 Aug 2008 14:32:08 +0200")
- References: <20080827120031.GA32039@intrepid.palfrader.org> <20080828071223.GC7061@dario.dodds.net> <20080828193141.GK9633@anguilla.noreply.org> <20080830123208.GD9633@anguilla.noreply.org>
]] Peter Palfrader
| - install sendfile/saft on all machines so you can do
| sendfile foo.tar.gz weasel@merkel
|
| Unfortunately sendfile doesn't use crypto, so who knows what happens
| to the stuff you send. And it's yet another network facing server - I
| don't know if anybody ever did a real audit on it either. Also, I
| have no idea if it's still actively maintained these days. Lack of
| crypto seems to suggest that there certainly isn't any new development
| going on, and hasn't in ages.
[...]
| What other options did we forget?
NFS over OpenVPN between all debian hosts and a directory which is mode
1777 ? Sendfile over OpenVPN would also work and be less insecure
(though still no auth).
Passphraseless keys limited to sftp would also be an option, but on a
per-user basis.
--
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
Reply to: