From owner-freebsd-security Thu Apr 8 3: 2: 1 1999 Delivered-To: freebsd-security@freebsd.org Received: from bofh.fastnet.co.uk (lart.org.uk [194.207.104.22]) by hub.freebsd.org (Postfix) with ESMTP id A19F31505C for ; Thu, 8 Apr 1999 03:01:59 -0700 (PDT) (envelope-from synak@bofh.fastnet.co.uk) Received: (from root@localhost) by bofh.fastnet.co.uk (8.8.8/8.8.8) id KAA03343 for freebsd-security@freebsd.org; Thu, 8 Apr 1999 10:59:56 +0100 (BST) (envelope-from synak) Date: Thu, 8 Apr 1999 10:59:56 +0100 From: Jay Tribick To: freebsd-security@freebsd.org Subject: Re: ssh and scp Message-ID: <19990408105956.M2213@bofh.fastnet.co.uk> References: <19990408105145.J2213@bofh.fastnet.co.uk> <84016.923565536@verdi.nethelp.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95i In-Reply-To: <84016.923565536@verdi.nethelp.no>; "sthaug@nethelp.no" on 08.04.1999 @ 10:58:56 BST Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi > > > Maybe I'm missing something, but isn't that what zone transfers > > > are for? > > > > Yeh but he's probably looking for something that's encrypted - > > you could try the new DNSSEC beta's (www.toad.com/~dnssec , but > > AFAIK they just sign the zone files and don't actually encrypt > > them over the link. > > Note that: > > 1. BIND 8.2 already supports (part of) DNSSEC. > 2. But there are known bugs in the 8.2 implementation which can give > you crashes if it's used. An unofficial patch is available. Am I right in thinking that it doesn't encrypt the transfer, just signs it so that it can be authenticated? -- Regards, Jay Tribick [| Network Admin | FastNet International | http://fast.net.uk/ |] [| Finger netadmin@fastnet.co.uk for contact info & PGP PubKey |] [| +44 (0)1273 T: 677633 F: 621631 e: netadmin@fast.net.uk |] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message