alfs authentication protocol: assumptions

pak_lfs at pak_lfs at
Mon Nov 28 05:32:26 PST 2005

My assumptions about the environment the alfs authentication protocol should 
operate in. Please comment.

1. There is only one administrator for all the alfs server machines, you.
        (Nobody but you has, or will gain, root access to these machines).

2. All administration is done from a *trusted* machine. Only one machine at a
        time will run the client.

3. An alfs client will in general administer several server machines 
simultaneously in each session.

4. Either the IP or the DNS name (or both, of course) must be static, or 
change veeeeeery rarely.

5. Replaying the commands aside, the data communicated over the alfs session 
protocol is not that valuable. I.e., even if someone manages to record a
whole session and eventually decrypt it, by this time you will have updated
your LFS several times, so they won't even be able to infer your current
system configuration by it.

Thanks :)

____________________________________________________________________ - δωρεάν υπηρεσία ηλεκτρονικού ταχυδρομείου. - free email service for the Greek-speaking.

More information about the alfs-discuss mailing list