[Previous] [Next] [Index]
[Thread]
Re: Web server update problem
On Fri, 16 Feb 1996, Frode Hoem wrote:
> Security of the web-server is important, therefore some kind of
> authorization mechanism is needed. Probably that would be
> Kerberos or a smart-card solution, any thoughts on this ?
Bringing up a Kerberos server doesn't involve too much overhead.
Ideally its a dedicated piece of hardware (BSDI on a Pentium is
reasonably inexpensive) that only does Kerberos.
You can then use a srvtab, getsrvtgt, and Kerberized rcp to handle the
file copying with a reasonable amount of authentication and security.
A good practice with Kerberos if you're using srvtabs is to use an
instance instead of just a principal (i.e. www.filecopy instead of just
www) so that if the srvtab is compromised, the only access gained is to
this specific operation.
-brian
--
Brian W. Spolarich - ANS CO+RE Systems - briansp@ans.net - (313)677-7311
Want strong encryption? Use ROT26. Its _twice_ as strong as ROT13.
Follow-Ups:
References: