cendres at videotron.ca
Fri Feb 27 00:03:35 PST 2004
When syslog distributes logs over the network, the most common solution to keeping
them private is encrypting the network layer, with either stunnel or ipsec. On
the stations, the only thing keeping the logs private is the file
permissions. I don't think it would be too difficult to add gpg to sysklogd.
It would eliminate the need for stunnel and relieve the stress of maintaining
file permissions. One problem is how to let syslog access the key. Gpg-agent
is made for this sort of thing, but would need its own password on boot.
Another problem is the performance loss every few minutes when the logs are
decrypted and appended to; maybe using smaller keys would help. Would this
sort of bloat be worth it to keep logs private with some certainty?