From owner-freebsd-security Fri Mar 9 4:42:33 2001 Delivered-To: freebsd-security@freebsd.org Received: from eastwood.aldigital.algroup.co.uk (eastwood.aldigital.algroup.co.uk [194.128.162.193]) by hub.freebsd.org (Postfix) with ESMTP id A433B37B718 for ; Fri, 9 Mar 2001 04:42:29 -0800 (PST) (envelope-from adam@algroup.co.uk) Received: from algroup.co.uk ([193.195.56.225]) by eastwood.aldigital.algroup.co.uk (8.8.8/8.6.12) with ESMTP id MAA28884; Fri, 9 Mar 2001 12:41:00 GMT Message-ID: <3AA8CF5B.17AFBCB8@algroup.co.uk> Date: Fri, 09 Mar 2001 12:40:59 +0000 From: Adam Laurie Organization: A.L. Group plc X-Mailer: Mozilla 4.76 [en] (Win95; U) X-Accept-Language: en MIME-Version: 1.0 To: Rob Simmons Cc: Mike Tancsa , freebsd-security@FreeBSD.ORG Subject: Re: "write only" fs/files ? References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Rob Simmons wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > There isn't a windows client for amanda. What you have to do is use > smbclient and gnutar. The windows section of your amanda backup will be > the weak link since the passwords are only encrypted with NT1. > Ah. However, it doesn't need to be weakened for NT - I've tunnelled samba mounts through SSH so it should be possible with stunnel as well. > For the *nix boxen, stunnel is a good idea. Kerberos v4 is supported in > amanda, which can be used for authentication as well as encrypting the > dump itself. stunnel also supports client cert authentication. cheers, Adam -- Adam Laurie Tel: +44 (20) 8742 0755 A.L. Digital Ltd. Fax: +44 (20) 8742 5995 Voysey House http://www.thebunker.net Barley Mow Passage http://www.aldigital.co.uk London W4 4GB mailto:adam@algroup.co.uk UNITED KINGDOM PGP key on keyservers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message