At this (Sun, May 02, 1999 at 04:19:24PM +0300) day, Alex Shnitman wrote:
| Hi.
|
| Is anybody aware of an alternative to NFS that works the way ssh does,
| i.e. does authentication not according to the IP but according to the
| existance of the right key on the other side? Some kind of NFS with
| public-key cryptoraphy? In other words, something that is to NFS what
| ssh is to rsh.
Theres an on going poject of ietf concerning secure IP connection.
Check out http://www.ietf.org/html.charters/ipsec-charter.html for basic ground,
and plany links about Internet-Drafts and rfc's.
Try there is also a mailing (preety nosie - about 20 mails a day - but preety
intersting) list at [EMAIL PROTECTED]
from linux's Security-HOWTO:
6.3 Linux x-kernel IPSEC Implementation
Along with CIPE, and other forms of data encryption, there is also an implemention of
IPSEC for Linux. IPSEC is an effort by the IETF to create cryptographically secure
communications at the IP network level, which also provides authentication, integrity,
access control, and confidentiality. Information on IPSEC and Internet draft can be
found at http://www.ietf.org/html.charters/ipsec-charter.html. You can also find links
to other protocols involving key management, and an IPSEC mailing list and archives.
The Linux implementation, which is being developed at the University of Arizona, uses
an object-based framework for implementing network protocols called x-kernel, and can
be found at http://www.cs.arizona.edu/xkernel/hpcc-blue/linux.html. Most simply, the
x-kernel is a method of passing messages at the kernel level, which makes for an
easier implementation.
As with other forms of cryptography, it is not distributed with the kernel by default
due to export restrictions.
--
Guy Cohen <[EMAIL PROTECTED]>
