[clug] scp alternative

David Schoen neerolyte at gmail.com
Sat Apr 11 06:43:59 GMT 2009 

Have you considered just using different encryption?

Chris who posts here recently blogged about just how different all the
encryption schemes are -
http://blog.christophersmart.com/2009/04/04/speed-test-on-the-dns-323/ .

The benchmarks might not translate on to normal hardware but at least you
wouldn't really have to change anything to get it up and running.

Dave.

2009/4/11 George Bray <georgebray at gmail.com>

> On Sat, Apr 11, 2009 at 3:19 PM, Daniel Pittman <daniel at rimspace.net>
> wrote:
> > George Bray <georgebray at gmail.com> writes:
>
> >> Does anyone know of an alternative solution where I get the
> >> client/host authentication of ssh, but don't get the CPU overhead of
> >> encrypting and compressing the payload?
> >
> > Um, why do you want the client and host authentication?  Is there really
> > a security risk that someone will insert incorrect video into the target?
>
> I need the clients to authenticate to the server to start the
> procedure, but once it's running I don't care about MITM issues.
>
> >> PS - I'm trying to avoid fileshares/mounts for robustity over long
> >> times.
> >
> > Unless your hosts are changing IP address then NFSv3/TCP should be
> > sufficiently robust for your needs — assuming that this is also WRT
> > authentication and/or connection relability?
>
> That was my first thought, but I've been warned against building 24/7
> systems that rely on mounts staying up all the time. It's not that the
> network is unreliable, the recommendation was more about detecting and
> recovering from failures being more complex with mounts vs individual
> copy sessions.
>
> I didn't mention it in my original post, but I want the ability for an
> admin server to issue commands for copying files between a number of
> remote servers. That's where I started with scp.  rsync is a brilliant
> package, but it can't do remote-remote copying.
>
> So I think I'm heading for rcp instead, which can apparently
> authenticate using kerberos.
>
> Thanks for the discussion, and the off-list comments.    CLUG is a
> powerful brains trust, even on a lazy easter weekend!
>
> --
> George Bray, The Australian National University, Canberra, Australia.
> --
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
>

More information about the linux mailing list