Encryption

Mike Frysinger vapier at gentoo.org
Sat Mar 1 23:00:04 UTC 2008 

On Saturday 01 March 2008, Tito wrote:
> On Saturday 01 March 2008 22:50:01 Mike Frysinger wrote:
> > On Saturday 01 March 2008, Goetz Bock wrote:
> > > On Sat, Mar 01 '08 at 02:10, Mike Frysinger wrote:
> > > > On Friday 29 February 2008, Kevin Holland wrote:
> > > > > Is there a quick and dirty way to encrypt and decrypt a tar with
> > > > > the current busybox utilities?
> > > >
> > > > there are no encrypt/decrypt utils in busybox
> > >
> > > to bad.
> > >
> > > > > I'm pulling updates from a public FTP and I would like to secure
> > > > > it.
> > > >
> > > > that doesnt really make sense.  if it's public ftp, then anyone can
> > > > fetch it, therefore protecting the content by encryption is
> > > > pointless.
> > >
> > > that made about as much sence as saying: AIDS is a sexualy transmitted
> > > desease. everyoe is having sexi, so using a condom is pointless.
> >
> > that's a stupid (and incorrect) analogy
> >
> > > Encryption is probably the only way to secure Kevins data.
> >
> > if it's a public FTP, then there's nothing to be secured.  if someone is
> > sniffing traffic and the traffic is encrypted, then the attacker merely
> > needs to go to the public FTP and fetch the files themselves.
>
> maybe the problem is to post a file on a public ftp server
> in a way that its contents are not public..........?

maybe if you were talking about an anonymous write-only setup (an ftp "drop 
box"),  but that isnt what the OP stated: ... pulling updates from a public 
FTP ...

in any case though, the ftp server would need to support the encryption as 
well ... a random util in busybox isnt going to magically make it happen.  
that means the only options are the OP has a secure shell on the FTP server 
(in which case you should be using scp), or the OP has admin on the FTP 
server (so he can insert the encrypt algo into the stream), or the server 
supports openssl/TLS (the only "standard" ive seen for securing FTP 
transactions).  that's about the only thing worth adding imo to busybox's 
ftp/wget clients: optional openssl support.
-mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
Url : http://lists.busybox.net/pipermail/busybox/attachments/20080301/70ff3202/attachment-0002.pgp

More information about the busybox mailing list