This is a discussion on Re: encrypting files with SSH??? - Linux ; in comp.unix.admin i read: >those who know me have no need of my name wrote: >> in comp.unix.admin i read: >>> No, I didn't stutter, nor am I unaware of PGP, GPG, etc.... > >>> Has anyone seen or used ...
in comp.unix.admin i read:
>those who know me have no need of my name
>> in comp.unix.admin i read:
>>> No, I didn't stutter, nor am I unaware of PGP, GPG, etc....
>>> Has anyone seen or used SSH or a SSH based tool to encrypt a file? I've
>>> been specifically asked to see if this is possible.
>> no. the whole notion is idiotic. shoot the programmer that suggested it.
> Well, it's not idiotic. If you were going to transfer one file to many
> different hosts over ssh/scp then it makes sense to encrypt once and
> just send the pre-encrypted/pre-signed packets. This is similar to an
> optimization for web servers that cache a sequence of TCP packets with
> the checksums pre-computed.
i agree that encrypting once would have better performance than doing so
multiple times. that doesn't alter my opinion that the particular method
remains idiotic. pre-encryption isn't the purpose of ssh, they leave that
to other tools. distributing an encrypted file via some other distribution
mechanism is entirely sensible.
> I suppose we could have ssh open a connection, run a netcat command
> (pick a random port for the listen and restrict it to accepting connections
> from just one source IP --- just to minimize the DoS exposure), then
> have the local end nc the file to that destination.
i'm not sure what you think this accomplishes, as gpg was specifically
excluded in the original request.