Navigation:
Browse pkgsrc
(this page)| 2014-06-13 01:05:28 by Sebastian Wiedenroth | Files touched by this commit (1) |
Log message: needs openssl as suggested by bulk build |
| 2014-05-14 16:00:42 by Jonathan Perkin | Files touched by this commit (2) |
Log message: Use PKG_SYSCONFDIR. |
| 2014-05-14 15:53:53 by Sebastian Wiedenroth | Files touched by this commit (4) |
Log message: Add SMF manifest |
| 2014-04-22 00:07:04 by Sebastian Wiedenroth | Files touched by this commit (1) |
Log message: added man pages deserve a PKGREVISION bumb |
| 2014-04-21 23:58:57 by Sebastian Wiedenroth | Files touched by this commit (2) |
Log message: Fix build on SunOS and include man pages |
| 2014-04-18 23:31:26 by Thomas Klausner | Files touched by this commit (4) |
Log message:
Import spiped-1.3.1 as security/spiped.
spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically
encrypted and authenticated pipes between socket addresses, so that one may
connect to one address (e.g., a UNIX socket on localhost) and transparently
have a connection established to another address (e.g., a UNIX socket on a
different system). This is similar to 'ssh -L' functionality, but does not
use SSH and requires a pre-shared symmetric key.
Note that spiped:
1. Requires a strong key file: The file specified via the -k option should
have at least 256 bits of entropy. ('dd if=/dev/urandom bs=32 count=1' is
your friend.)
2. Does not provide any protection against information leakage via packet
timing: Running telnet over spiped will protect a password from being directly
read from the network, but will not obscure the typing rhythm.
3. Can significantly increase bandwidth usage for interactive sessions: It
sends data in packets of 1024 bytes, and pads smaller messages up to this
length, so a 1 byte write could be expanded to 1024 bytes if it cannot be
coalesced with adjacent bytes.
4. Uses a symmetric key -- so anyone who can connect to an spiped \
"server" is
also able to impersonate it.
|
New packages: