Programming language

Hui Zhou zhouhui at
Tue Feb 1 18:05:17 PST 2005

On Tue, Feb 01, 2005 at 06:11:14PM -0700, Kevin P. Fleming wrote:
>Gerard Beekmans wrote:
>>it's a more basic structure rather than relying on a program like ssh(d)
>>to do the work for you. What if SSH isn't available? Say during an
>>upgrade. And for it to work nicely you would want to setup keys so you
>>don't have to enter a password. Then, without ssh there has to be some
>>kind of authentication still. I'm not sure about that part yet.
>I do not see any value in building any sort of authentication/security 
>system into the alfs tool at all (is that a strong enough opinion?).
>If you want safe transport across the network, either use SSH tunneling, 
>tell the user to use a VPN, or build TLS support into alfs using the 
>OpenSSL library.
>If you want strong authentication, either use SSH tunneling, SSL 
>certificates using the OpenSSL library, or full-blown SSL/TLS using SASL 
>(which can tie into every authentication database imaginable).

I agree. Trying to implement an authentication is stupid if not 
ignorant. However, some trust based security is trivia to implement, 
just don't rely on it. 

Hui Zhou

More information about the alfs-discuss mailing list