Security Basics mailing list archives
Re: Alternatives to sftp?
From: "John Sec" <john_sec_lists () hotmail com>
Date: Thu, 16 Oct 2003 13:47:17 +0000
On Wed, Oct 15, 2003 at 07:37:04PM +0000, John Sec wrote:
> Hey list,
Hello citizen.
> I was wondering what the alternatives were to something like sftp?
> I have two servers that need to send files (approx. 10mb) to each
> other a couple of times a day and I wanted to know what other
> options I had to do it securely. Is there anything else out there
> besides sftp and pgp for something like this?
I gotta figure you are hoping there is something faster. And there
really isn't.
If you need the file to be encrypted during transfer, no matter what
way you transfer it, it still has to be encrypted and this is where
the CPU time goes.
If you don't need the crypto, but want to ensure integrity, use a
cypher of "none" in ssh (some servers, rightfully, force a cypher
other than none).
If you really do need encrypted traffic, you might want to make sure
you are using AES or TwoFish rather than 3des as they are much faster.
Arcfour is even faster, but not felt to be as secure.
You could use rsync over ssh if the files don't change much. This
will save a bit of bandwidth, and maybe some CPU.
PS You mention ssh *and* pgp. If your files are encrypted with pgp,
they don't need to be encrypted during transit.
I wasn't even aware that sftp provided a way to transfer files without encryption. Looking at the man page that I found online, I do not see this option. How exactly can you tell it to force integrity without encrypting the file? Do you think that encrypting the file with PGP and then using sftp to transfer the file (no encryption, only integrity) would save any CPU cycles? I'm only asking out of curiosity now as it may come in handy in the future.
_________________________________________________________________See when your friends are online with MSN Messenger 6.0. Download it now FREE! http://msnmessenger-download.com
--------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015 ----------------------------------------------------------------------------
Current thread:
- Alternatives to sftp? John Sec (Oct 15)
- Re: Alternatives to sftp? Brad Arlt (Oct 16)
- Re: Alternatives to sftp? Thorne (Oct 16)
- Re: Alternatives to sftp? Ranjeet Shetye (Oct 16)
- Re: Alternatives to sftp? Thorne (Oct 16)
- Re: Alternatives to sftp? Nick Warr (Oct 16)
- Re: Alternatives to sftp? Ansgar -59cobalt- Wiechers (Oct 16)
- Re: Alternatives to sftp? Wu Fei Liang (Oct 16)
- <Possible follow-ups>
- RE: Alternatives to sftp? Halverson, Chris (Oct 16)
- Re: Alternatives to sftp? John Sec (Oct 16)
- Re: Alternatives to sftp? Brad Arlt (Oct 16)
- RE: Alternatives to sftp? Meidinger Chris (Oct 16)
- RE: Alternatives to sftp? Ruiz Cifuentes, Rolando Matias (CL - Santiago) (Oct 16)
- RE: Alternatives to sftp? Hagen, Eric (Oct 16)
- RE: Alternatives to sftp? Dave Killion (Oct 16)
- Re: Alternatives to sftp? Brad Arlt (Oct 16)