Re: new feature: client-side, server-side encryption dumptype option
2005-12-11 19:55:06
On 12/11/05, Josef Wolf <jw AT raven.inka DOT de> wrote:
> On Sat, Dec 10, 2005 at 09:12:49AM -0800, Kevin Till wrote:
>
> > I have added a dumptype option, "encrypt".
>
> Great! Thanks for your afford to bring encryption into amanda's core.
>
> I have not taken a close look on it yet. From the description, I have the
> impression that this solution is based on symmetric encryption. I don't
> think this is a good idea. Having the passphrase lying around on all
> your clients[1] is a big weakness, IMHO. It would be better to encrypt
> with a public key. The private key and the passprase should be locked
> away to a safe place. They should be needed only for desaster-recovery.
>
> [1] You need client-side encryption if you don't want your data flowing
> unencrypted over the network.
You can use ssh for server/client communication and server side data
encryption.
Paddy
>
> --
> No software patents in Europe -- http://nosoftwarepatents.com
> -- Josef Wolf -- jw AT raven.inka DOT de --
>
--
Amanda documentation: http://wiki.zmanda.com
Amanda forums: http://forums.zmanda.com
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: new feature: client-side, server-side encryption dumptype option, (continued)
- Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
- Re: new feature: client-side, server-side encryption dumptype option, Chris Lee
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Brian Cuttler
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Brian Cuttler
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Brian Cuttler
- Re: new feature: client-side, server-side encryption dumptype option, Kevin Till
- Re: new feature: client-side, server-side encryption dumptype option, Geert Uytterhoeven
Re: new feature: client-side, server-side encryption dumptype option,
Paddy Sreenivasan <=
|
|
|