hobbit security transmission
list Eduard Michels
Hi, Is there any way to encrypt data transmitted from the Hobbit Client to the Hobbit Server? Currently, if someone put a sniffer on the network will have access to all information transmitted, as they are in plain text. Regards, Eduard
list Nick Nauwelaerts
▸
From: Eduard Michels [mailto:user-6eea320aeca3@xymon.invalid] Sent: Monday, November 12, 2007 14:02 To: user-ae9b8668bcde@xymon.invalid Subject: [hobbit] hobbit security transmission Hi, Is there any way to encrypt data transmitted from the Hobbit Client to the Hobbit Server? Currently, if someone put a sniffer on the network will have access to all information transmitted, as they are in plain text. Regards, Eduard
disclaimer: i still haven't tried hobbit, i'm lurking the list to get a
better feel of it.
so, after getting this disclaimer out of the way, i'm guessing the
easiest way to get this going is by using something like stunnel
(www.stunnel.org) or openssh port forwarding (www.openssh.com). both
work with most tcp based apps and have been used by us in various
scenarios.
// nick
list Josh Luthman
Damn clever idea! Please let us know if that works or not! On 11/13/07, user-03256bc58777@xymon.invalid <user-03256bc58777@xymon.invalid>
▸
wrote:
From: Eduard Michels [mailto:user-6eea320aeca3@xymon.invalid]
Sent: Monday, November 12, 2007 14:02
To: user-ae9b8668bcde@xymon.invalid
Subject: [hobbit] hobbit security transmission
Hi,
Is there any way to encrypt data transmitted from the Hobbit
Client to the Hobbit Server?
Currently, if someone put a sniffer on the network will have
access to all information transmitted, as they are in plain text.
Regards,
Eduard
disclaimer: i still haven't tried hobbit, i'm lurking the list to get a
better feel of it.
so, after getting this disclaimer out of the way, i'm guessing the
easiest way to get this going is by using something like stunnel
(www.stunnel.org) or openssh port forwarding (www.openssh.com). both
work with most tcp based apps and have been used by us in various
scenarios.
// nick
--
Josh Luthman
Office: XXX-XXX-XXXX
Direct: XXX-XXX-XXXX
XXXX Wayne St
Suite XXXX
Troy, OH XXXXX
Those who don't understand UNIX are condemned to reinvent it, poorly.
--- Henry Spencer
list Greg L Hubbard
If you search the archive, you will find some conversations about this, including posts from Henrik regarding why he has not implemented it, and what some of the issues are regarding encryption. It turns out to be a fairly complicated issue. Some folks did say that they were using tunneling successfully, but this is done outside of the Hobbit technology itself. Unless I dreamed all this... GLH
▸
From: Josh Luthman [mailto:user-4c45a83f15cb@xymon.invalid]
Sent: Tuesday, November 13, 2007 10:02 AM
To: user-ae9b8668bcde@xymon.invalid
Subject: Re: [hobbit] hobbit security transmission
Damn clever idea! Please let us know if that works or not!
On 11/13/07, user-03256bc58777@xymon.invalid <
user-03256bc58777@xymon.invalid> wrote:
From: Eduard Michels
[mailto:user-6eea320aeca3@xymon.invalid]
Sent: Monday, November 12, 2007 14:02
To: user-ae9b8668bcde@xymon.invalid
Subject: [hobbit] hobbit security transmission
Hi,
Is there any way to encrypt data transmitted
from the Hobbit
Client to the Hobbit Server?
Currently, if someone put a sniffer on the
network will have
access to all information transmitted, as they are in
plain text.
Regards,
Eduard
disclaimer: i still haven't tried hobbit, i'm lurking
the list to get a
better feel of it.
so, after getting this disclaimer out of the way, i'm
guessing the
easiest way to get this going is by using something like
stunnel
(www.stunnel.org ) or openssh port forwarding
(www.openssh.com). both
work with most tcp based apps and have been used by us
in various
scenarios.
// nick
--
Josh Luthman
Office: XXX-XXX-XXXX
Direct: XXX-XXX-XXXX
XXXX Wayne St
Suite XXXX
Troy, OH XXXXX
Those who don't understand UNIX are condemned to reinvent it,
poorly.
--- Henry Spencer
list Hobbit User
▸
On Tue, November 13, 2007 11:01, Josh Luthman wrote:
Damn clever idea! Please let us know if that works or not! On 11/13/07, user-03256bc58777@xymon.invalid <user-03256bc58777@xymon.invalid> wrote:From: Eduard Michels [mailto:user-6eea320aeca3@xymon.invalid] Sent: Monday, November 12, 2007 14:02 To: user-ae9b8668bcde@xymon.invalid Subject: [hobbit] hobbit security transmission Hi, Is there any way to encrypt data transmitted from the Hobbit Client to the Hobbit Server? Currently, if someone put a sniffer on the network will have access to all information transmitted, as they are in plain text.
Install autossh. Configure public-private key pairs such that user-3fdce28d5f64@xymon.invalid trusts user-28b91f9726b6@xymon.invalid with proper key. On Hobbit server hobbit.vak12ed.edu, autossh -M 64998 -f -f -N -R 127.0.0.234:1984:hobbit.vak12ed.edu:1984 -i ~hobbit/.ssh/id_rsa.flotsam user-3fdce28d5f64@xymon.invalid tunnelbox.vak12ed.edu is set up with BBSERVERIP=127.0.0.234, thus reports over a secure tunnel.