Encrypt Socket Messaging

hyperion-start / hyperion-core

A Tmux based System Startup Engine

GNU General Public License v3.0

8 stars 3 forks source link

Closed DavidPL1 closed 5 years ago

DavidPL1 commented 5 years ago

Enhances safety

Option 1:

Use normal socket.
On slave start server generates key pair and start host over ssh with key pair as argument -> Only slaves started by server will know the keys to decrypt host messages and encrypt correctly for the server to not discard the message, thus the connection can not be sniffed and no unauthorized commands can be issued

Option 2:

DavidPL1 commented 5 years ago

Resolved by ac23e6b: using forwarded ports over the ssh connection implicitly encrypts the data exchange.