Login functionality

Robert Connolly cendres at videotron.ca
Fri Feb 27 00:03:35 PST 2004


When syslog distributes logs over network the most common solution to keeping 
it private it encrypting the network layer, with either stunnel or ipsec. On 
the stations the only thing keeping the logs private are the file 
permissions. I don't think it would be too difficult to add gpg to sysklogd. 
It would eliminate the need for stunnel and relieve the stress of maintaining 
file permissions. One problem is how to let syslog access the key. Gpg-agent 
is made for this sort of thing, but would need its own password on boot. 
Another problem is the performance loss every few minutes when the logs are 
decrypted and appended to, maybe using smaller keys would help. Would this 
sort of bloat be worth it to keep logs private with some certainty?




More information about the hlfs-dev mailing list