From: Mel Flynn
To: freebsd-questions@freebsd.org
Cc: Wojciech Puchar, cpghost
Date: Mon, 20 Apr 2009 15:04:21 +0200
Subject: Re: Dump | Restore

On Monday 20 April 2009 14:59:55 cpghost wrote:
> On Mon, Apr 20, 2009 at 12:46:05PM +0200, Wojciech Puchar wrote:
> > use rsh not ssh unless you really need encryption.
>
> Sure, you *could* do that, but be sure to encrypt *and* sign the
> backup stream beforehand, e.g. using openssl or gnupg... And even
> then, anyone sniffing that poorly encrypted (at layer 2) wireless LAN
> connection could still hijack the password, log into the backup host,
> and delete or corrupt the (encrypted) dump files.
>
> Perhaps it's better to use ssh anyway, even for encrypted and signed
> dump files. Creating and transferring a couple of key files to the
> clients and backup host and using ssh(1) is not hard. Really not. ;-)

But doesn't use full network capacity. Closed circuit LANs (yes, they
still do exist) don't need ssh, but a level 0 dump of several TB of data
does need full LAN speed.

-- 
Mel
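
The quoted suggestion to encrypt and sign the backup stream before it crosses a cleartext transport such as rsh, sketched with openssl as an added example (not code from this thread). The function names, file names, passphrase file and P-256 signing key are assumptions constructed for the demo.

```shell
#!/bin/sh
# Added example: seal a dump stream so corruption on the wire or on the
# backup host is detected before restore. All names here are constructed.

# seal_stream PASSFILE SIGNKEY OUT: stdin -> encrypted OUT + detached OUT.sig
# In real use the tee target would be the rsh/ssh pipe to the backup host;
# a local file stands in for it here.
seal_stream() {
    openssl enc -aes-256-ctr -pbkdf2 -salt -pass "file:$1" |
        tee "$3" |
        openssl dgst -sha256 -sign "$2" -out "$3.sig"
}

# open_stream PASSFILE PUBKEY IN: verify the signature over the ciphertext
# first and decrypt only if it matches; non-zero exit, no output, otherwise.
open_stream() {
    openssl dgst -sha256 -verify "$2" -signature "$3.sig" "$3" >/dev/null 2>&1 ||
        return 1
    openssl enc -d -aes-256-ctr -pbkdf2 -pass "file:$1" -in "$3"
}

# demo: round-trip a constructed "dump", then corrupt the stored file the
# way someone with write access to the backup host could, and check that
# open_stream refuses it.
demo() {
    rc=0
    d=$(mktemp -d) || return 1
    printf 'constructed-passphrase\n' > "$d/pass"
    openssl ecparam -name prime256v1 -genkey -noout -out "$d/sign.pem" 2>/dev/null
    openssl pkey -in "$d/sign.pem" -pubout -out "$d/sign.pub"
    printf 'level 0 dump of /usr (constructed sample)\n' > "$d/plain"

    # Stands in for: dump -0af - /usr | seal_stream ...
    seal_stream "$d/pass" "$d/sign.pem" "$d/usr.dump.enc" < "$d/plain"
    open_stream "$d/pass" "$d/sign.pub" "$d/usr.dump.enc" > "$d/restored" || rc=1
    cmp -s "$d/plain" "$d/restored" || rc=1

    printf 'X' >> "$d/usr.dump.enc"           # simulated corruption at rest
    if open_stream "$d/pass" "$d/sign.pub" "$d/usr.dump.enc" >/dev/null; then
        rc=1                                    # corruption went unnoticed
    fi
    rm -rf "$d"
    return "$rc"
}

demo && echo "round-trip ok, corrupted dump rejected"
```

The signature covers the ciphertext, so the backup host can check integrity with only the public key and without the passphrase.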