Feature Suggestion - scp don't decrypt file at destination unecrypt on copy back switch
Chris Rapier
rapier at psc.edu
Thu Apr 7 09:47:59 EST 2005
Peter Stuge wrote:
> On Wed, Apr 06, 2005 at 02:50:24PM -0700, Gerard J. Cerchio wrote:
>
>>Thanks Damien, but this solution leads to single file recovery
>>problems, especially given that most users can't tell a tar from a
>>feather. ;)
>
>
> On the other hand, OpenSSH isn't really a backup software.
To amplify: It really isn't. I feel its best to think of it as a transport
protocol riding on top of TCP (this would be especially true for SSHv2) or as
a pipe. What happens on either end of the pipe isn't really something that SSH
should necessarily be involved with.
The main thing you seem to be looking to do is to save yourself the trauma of
double encryption. I'd suggest that th easiest way to do that is to set up a
kerberos realm, encrypt the file locally, and use KFTP - that was you get
secure authentication, you don't get the performance hit of using standard V2,
and you don't have double encryption. Since you can script KFTP you can even
write a shell script or perl whatever to handle the encryption and file
handling processes inbound and outbound.
chris
More information about the openssh-unix-dev
mailing list