Re: GEP 3 - Remote activation in bonobo-activation



> ¿encryption in the communication you mean? Well, in that case, linc is
> already able to do that, if we do the tcp-socket solution. Or do you
> mean something else?

You need
	-	to prove data is untampered
	-	to protect some data from prying eyes
	-	to prevent replay 
	-	to prove the identify and authorization of the connection
		securely.

That doesn't neccessarily require ssh. although ssh is the one common
installed tool that people have to do this. You could also use something
like keberos and/or the TLS libraries. You still have to figure out how to
pass the authentication around safely. 

An out of the box Linux nowdays probably has ports 0-1023 6000-6xxx and
2049 firewalled, quite likely has all incoming ports blocked except for
actual intended services (eg ssh, http, https)



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]