[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bacula-users
Subject:    Re: [Bacula-users] TLS and PKI,
From:       Morty Abzug <morty () frakir ! org>
Date:       2011-01-31 11:01:54
Message-ID: 20110131110154.GB7511 () red-sonja
[Download RAW message or body]

On Wed, Nov 17, 2010 at 11:52:20AM +0100, Hugo Letemplier wrote:
> Hi
> I am Implementing Bacula and I have to cypher the backed up data.
> Also I don't want that the console and client authentication to be
> done clearly over the network.
> I want to implement TLS but data are already cyphered via PKI so it
> will create a cpu consumption overhead.
> Can I configure bacula to use TLS only to authenticate client and
> eventually sign data ?

If I understand correctly, bacula uses cram-md5 authentication.  So
even without TLS, you aren't doing authentication in the clear.  If
your security goals are to encrypt the data via PKI and have encrypted
authentication, you don't need TLS.

[I know it's an old email, but I didn't see anyone raising this issue
directly]

- Morty

------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires 
February 28th, so secure your free ArcSight Logger TODAY! 
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[prev in list] [next in list] [prev in thread] [next in thread]