Re: pull vs push (was Re: [bk patch] Make cardbus compile in -pre4)

Alan Cox (alan@lxorguk.ukuu.org.uk)
Sun, 10 Feb 2002 02:46:37 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Hiroshi MIURA: "Re: [PATCH] NSC Geode Companion chip workaround"
Previous message: Alan Cox: "Re: [PATCH] BUG preserve registers"

> a password. I know about ssh-agent but that doesn't help for this,
> I know that in certain cases ssh lets me in without anything. I thought
> there was some routine where you ssh-ed one way and then the other way
> and it left enough state that it trusted you, does any ssh genuis out
> there know what I'm talking about? If I have this, I can set up the
> cron job, I'm sure this is obvious and I'm just overlooking something
> but I can't find it.

For the paranoid

You ssh from the source to an untrusted chrooted nopriv uid on the target
using a ssh pass phrase and ipchains static ip rules to allow only some
IP's access

A cron or other triggered job on the receiving machine checks the GPG
signatures of the uploaded data and moves/processes it if it matches or
if the key matches blocks off that machine and ID and mails the admin.

Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Hiroshi MIURA: "Re: [PATCH] NSC Geode Companion chip workaround"
Previous message: Alan Cox: "Re: [PATCH] BUG preserve registers"