INN testing news server
Bill Davidsen
davidsen at tmr.com
Wed Sep 26 21:46:44 UTC 2007
Felix Kronlage wrote:
> On Mon, Sep 24, 2007 at 01:54:48PM -0400, Bill Davidsen wrote:
>
>>>> For security reasons, I will also add an iptable on TCP port 540 to
>>>> only allow your news server.
>>>>
>>> uucp over ssh is really the way to go :)
>>>
>> Have to ask, why would you do that rather than add encryption to the
>> batching process or running over a VPN?
>>
>
> Encryption for the batching does not secure your authentification.
>
I don't know what you are trying to do here, encryption with my private
key proves it's from me, encryption with your public key means only you
can read it. And doing any of that moves the CPU overhead to the
background, so you don't have to do it while the link is up.
> VPN is way too much overhead at least spoken in the way we used
> to resell usenet access via uucp/ssh.
>
Encryption overhead should be very similar for vpn or ssh unless you are
doing something different like using triple DES on one :-( And a decade
of tracking indicates that more unauthorized access attempts go to ssh
than uucp by an order of magnitude at least.
Whatever makes you happy, not having CPU load match my data transfers
makes me very happy. Encryption and compression make nice things to run
in low priority.
--
bill davidsen <davidsen at tmr.com>
CTO TMR Associates, Inc
Doing interesting things with small computers since 1979
More information about the inn-workers
mailing list