[Box Backup] SSH/SSL
Chris Wilson
chris at qwirx.com
Sun Nov 10 19:23:57 GMT 2013
Hi Stavros,
On Tue, 5 Nov 2013, Stavros Korokithakis wrote:
> I'm currently evaluating various backup programs, and Box Backup seems
> very promising. However, trying to set it up is quite the task, as SSL
> is a pain to install. Is there any way to run it over plain SSH, and, if
> not, would this be supported in a future version?
That's strange, I've set it up many times and never had a problem with the
SSL certificate setup. The only thing I can imagine being a problem is if
you have many clients to configure, in different locations, so sending
back the certificates to be signed is painful. I did start writing a CGI
certificate manager which is part of the Box Backup source, and you could
try it out if you like.
Unfortunately SSL is essential to the security of the system, since the
SSL certificate is the only thing that ensures that the connecting client
is actually authorised to connect and access the account that it's trying
to access. It would theoretically be possible to either (a) mount the
filesystem over sshfs and do a local backup to it, or (b) remove
authentication from the protocol and have you assert that you trust all
the clients and build a network (ssh or vpn) for it to run over, but
neither mechanism is implemented at the moment.
Cheers, Chris.
--
_____ __ _
\ __/ / ,__(_)_ | Chris Wilson <chris+sig at qwirx.com> Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer |
\__/_/_/_//_/___/ | We are GNU : free your mind & your software |
More information about the Boxbackup
mailing list