Are AFS file transfers encrypted?
Rasmus Kaj
kaj at kth.se
Fri Sep 16 13:35:23 CEST 2005
>>>>> "jc" == jackt123 at gmail com <jackt123 at gmail.com> writes:
jc> Hi all! I've been using arla on FreeBSD 5.4 very happily.
Hi!
jc> 1) I know the Kerberos auth is encrypted, and that the tokens
jc> are encrypted. But can people sniff or even modify
jc> filedata that I'm reading?
It can be, dependeing on a per-client-host flag. You can run "fs
getcrypt" to see it's current value.
jc> 2) If so, how is the encryption established?
With the "fs setcrypt" utility.
On the other hand, I think the cache is allways unencrypted, so anyone
who is root on a client can read any file that someone (with access
rights) has read on that client.
--
Rasmus Kaj --+-- rasmus at kaj.se --+-- http://www.stacken.kth.se/~kaj/
Loose bits sink chips
More information about the Arla-drinkers
mailing list