[rescue] SGI fw_sshd and security
Patrick Finnegan
pat at computer-refuge.org
Sun Mar 7 23:35:44 CST 2004
On Sunday 07 March 2004 23:13, Dave McGuire wrote:
> On Mar 7, 2004, at 6:54 PM, Patrick Finnegan wrote:
> >> At Digex, we had a really great scheme going. We did rdist
> >> verify passes every night, from our proto machines which were as
> >> locked-down as we could make them. Now, if you're familiar with
> >> rdist, you know that in verify mode it sends each file down and
> >> then does a byte-for-byte compare. That'd be a tremendously
> >> expensive operation to perform on, say, six hundred SPARCstations.
> >> We made a nice little mod to rdist in which the MD5 checksum is
> >> sent down to the target machine and verified. I think that may
> >> have actually made it into the main rdist source tree but I'm not
> >> sure. It was *cool*.
> >
> > Err, can't you already do that with rsync? Without modifications?
>
> You couldn't in 1994, which is when we did that at Digex. :-)
Ahh, that makes a bit more sense. You didn't say when before and I
mistakenly thought "recently." :)
Pat
--
Purdue University ITAP/RCS --- http://www.itap.purdue.edu/rcs/
The Computer Refuge --- http://computer-refuge.org
More information about the rescue
mailing list