My assumptions about the environment the alfs authentication protocol should
operate in. Please comment.
1. There is only one administrator for all the alfs server machines, you.
(Nobody but you has, or will gain, root access to these machines).
2. All administration is done from a *trusted* machine. Only one machine at a
time will run the client.
3. An alfs client will in general administer several server machines
simultaneously in each session.
4. Either the IP or the DNS name (or both, of course) must be static, or
change veeeeeery rarely.
5. Replaying the commands aside, the data communicated over the alfs session
protocol is not that valuable. I.e., even if someone manages to record a
whole session and eventually decrypt it, by this time you will have updated
your LFS several times, so they won't even be able to infer your current
system configuration by it.
Thanks :)
Pantelis
____________________________________________________________________
http://www.freemail.gr - δωρεάν υπηρεσία ηλεκτρονικού ταχυδρομείου.
http://www.freemail.gr - free email service for the Greek-speaking.
--
http://linuxfromscratch.org/mailman/listinfo/alfs-discuss
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
