Re: [Nbd] Easier use, authentication
- To: Folkert van Heusden <folkert.van.heusden@...17...>, Wouter Verhelst <w@...112...>
- Cc: nbd-general@lists.sourceforge.net
- Subject: Re: [Nbd] Easier use, authentication
- From: Alex Bligh <alex@...872...>
- Date: Mon, 26 Sep 2011 10:13:55 +0100
- Message-id: <2235289953A877DFA05E14FA@...873...>
- Reply-to: Alex Bligh <alex@...872...>
- In-reply-to: <CAFDOyVCFjV+-0YkKz7D_6efo9GinxQg2N_PZgTzCw6cf-Sx2GA@...18...>
- References: <CAEjYwfXAjOwZ-=igJ6Ojyti43STga3uRwNTfjmzG4Eu8h2xmVg@...18...> <20110925222423.GB22107@...3...> <CAFDOyVCFjV+-0YkKz7D_6efo9GinxQg2N_PZgTzCw6cf-Sx2GA@...18...>
--On 26 September 2011 08:35:34 +0200 Folkert van Heusden
<folkert.van.heusden@...17...> wrote:
Imho authentication only makes sense with encryption as well.
I don't think this is true.
Assume 2 computers, Server and Client, with both and
the network between them under the same administrative control,
which prevents snooping. This scenario does not really need
encryption. It does, however, need authentication, or a non-root
user on client could access any server resource simply by opening
a socket.
Equally, it is not hard to come up with scenarios where privacy
of data is unimportant, but prevention of write access is
important. Encryption adds little here.
Personally I would advise avoiding reinventing the encryption wheel.
For inbound encryption, we can (using stunnel or whatever) already
use SSL to encrypt nbd sessions. Equally we can already use ipsec.
Why do we need another method? For encryption of the data so it
remains encrypted on the server, use dmcrypt on the client.
I can see some form of challenge/response authentication might be
useful; this would fit simply into an enhanced option negotiation
scheme and thus could be carried out entirely in userspace. I would
add that it is just as important to authenticate the server to the
client as the (more obvious) authentication of the client to the
server. So whatever we do should be symmetric.
--
Alex Bligh
Reply to: