Feature Suggestion - scp don't decrypt file at, destination unecrypt on copy back switch

Peter Stuge stuge-openssh-unix-dev at cdy.org
Thu Apr 7 08:29:32 EST 2005


On Wed, Apr 06, 2005 at 02:18:50PM -0700, Gerard J. Cerchio wrote:
> Peter Stuge wrote:
> >The encryption "environment" in which scp and sftp runs (provided by
> >ssh) works well as designed but is probably not the best choice for
> >encrypted disk storage.
> 
> Peter I wonder if you can expand on this.  Once the data has been
> run through an encryption what does it matter if it is in transport
> or static?

An encryption is only as secure as its key. The keys used to encrypt
the data stream are generated on the fly and rekeying may occur
frequently in a session. Just keeping track of all of these keys
seems like a lot of work for not much benefit.

But, like I said, if you want to make a backup subsystem I doubt
anyone would object. If you release it and it's handy I'll use it
too! :)


//Peter



