tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: remote kernel debugging over a network



On Sat, Jun 05, 2010 at 05:57:55PM -0400, Thor Lancelot Simon wrote:
> IPKDB used a custom MD5-based packet hash for "security".  I actually
> think it would probably be very easy to support a single IPsec ESP
> security association instead.  The hair with IPsec is all with key
> negotiation.  Don't bother, and don't do some things like replay
> protection, and ESP is a very simple, compact little shim layer on IP.

If you want to secure the link, having a fixed AES key and including a
SHA1 hash would provide most of the security with very little
complexity.

Joreg


Home | Main Index | Thread Index | Old Index