Dump | Restore
Mel Flynn
mel.flynn+fbsd.questions at mailing.thruhere.net
Mon Apr 20 13:04:25 UTC 2009
On Monday 20 April 2009 14:59:55 cpghost wrote:
> On Mon, Apr 20, 2009 at 12:46:05PM +0200, Wojciech Puchar wrote:
> > use rsh not ssh unless you really need encryption.
>
> Sure, you *could* do that, but be sure to encrypt *and* sign the
> backup stream beforehand, e.g. using openssl or gnupg... And even
> then, anyone sniffing that poorly encrypted (at layer 2) wireless LAN
> connection could still hijack the password, log into the backup host,
> and delete or corrupt the (encrypted) dump files.
>
> Perhaps it's better to use ssh anyway, even for encrypted and signed
> dump files. Creating and transfering a couple of key files to the
> clients and backup host and using ssh(1) is not hard. Really not. ;-)
But doesn't use full network capacity. Closed circuit LAN's (yes, they still
do exist) don't need ssh, but a level 0 dump of several TB of data does need
full lan speed.
--
Mel
More information about the freebsd-questions
mailing list