ravenpl
asked on
passwordless but secure auth, unencrypted traffic
Currently I have configured ssh passless remote access for file copying. It works but has this flow, that de/crypting traffic costs cpu power and network bandwidth.
So are there any other options to have secure remote auth(key based), but clear-text transfer?
I'm on CentoOS 5 and FC.
I know there's ssh "cipher none" patch - but i'm not after patching ssh which comes with the OS.
Any other ideas?
So are there any other options to have secure remote auth(key based), but clear-text transfer?
I'm on CentoOS 5 and FC.
I know there's ssh "cipher none" patch - but i'm not after patching ssh which comes with the OS.
Any other ideas?
ASKER
iptables is not the replacement for ssh keys, if it was, then rsh would be the really fine solution here.
keys = encryption
open rsh or nfs only for one ip and no other
open rsh or nfs only for one ip and no other
ASKER
> keys = encryption
No. keys mean authentication, not necessarily encryption.
> open rsh or nfs only for one ip and no other
what about other users on same machines?
No. keys mean authentication, not necessarily encryption.
> open rsh or nfs only for one ip and no other
what about other users on same machines?
NFS configures for users
man exports
man exports
ASKER
From the question
"So are there any other options to have secure remote auth(key based), but clear-text transfer?"
"So are there any other options to have secure remote auth(key based), but clear-text transfer?"
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Kerberos FTP would have been my suggestion as well.
ASKER
May I ask how it works? I never set up any krb server.
What is the authentication token while authenticating? With ssh it's the pub/priv keypair.
Still I would prefer something like ssh/rsh, since the copied data is duplicated into two localtions.
Currently I have something like
tar -options | ssh -options remote_command # where remote_command is more less "tea /1/file1 | cat > /2/file2"
What is the authentication token while authenticating? With ssh it's the pub/priv keypair.
Still I would prefer something like ssh/rsh, since the copied data is duplicated into two localtions.
Currently I have something like
tar -options | ssh -options remote_command # where remote_command is more less "tea /1/file1 | cat > /2/file2"
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
How much data are you trying to transfer and what so of link do you have?
ASKER
> How much data are you trying to transfer and what so of link do you have?
0.5 TB via 1gbit eth.
Thanx guys for Your opinions.
0.5 TB via 1gbit eth.
Thanx guys for Your opinions.
NFSv4 ?