tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: remote kernel debugging over a network
On Sun, Jun 06, 2010 at 12:47:36AM +0200, Joerg Sonnenberger wrote:
> On Sat, Jun 05, 2010 at 05:57:55PM -0400, Thor Lancelot Simon wrote:
> > IPKDB used a custom MD5-based packet hash for "security". I actually
> > think it would probably be very easy to support a single IPsec ESP
> > security association instead. The hair with IPsec is all with key
> > negotiation. Don't bother, and don't do some things like replay
> > protection, and ESP is a very simple, compact little shim layer on IP.
>
> If you want to secure the link, having a fixed AES key and including a
> SHA1 hash would provide most of the security with very little
> complexity.
That's exactly what I just said.
--
Thor Lancelot Simon
tls%rek.tjls.com@localhost
"All of my opinions are consistent, but I cannot present them all
at once." -Jean-Jacques Rousseau, On The Social Contract
Home |
Main Index |
Thread Index |
Old Index