--- - branch: MAIN date: Fri Apr 18 21:31:26 UTC 2014 files: - new: '1.1' old: '0' path: pkgsrc/security/spiped/DESCR pathrev: pkgsrc/security/spiped/DESCR@1.1 type: added - new: '1.1' old: '0' path: pkgsrc/security/spiped/Makefile pathrev: pkgsrc/security/spiped/Makefile@1.1 type: added - new: '1.1' old: '0' path: pkgsrc/security/spiped/PLIST pathrev: pkgsrc/security/spiped/PLIST@1.1 type: added - new: '1.1' old: '0' path: pkgsrc/security/spiped/distinfo pathrev: pkgsrc/security/spiped/distinfo@1.1 type: added id: 20140418T213126Z.c10871dd719ad4f86d7d3d2448b0727034e97c05 log: | Import spiped-1.3.1 as security/spiped. spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses, so that one may connect to one address (e.g., a UNIX socket on localhost) and transparently have a connection established to another address (e.g., a UNIX socket on a different system). This is similar to 'ssh -L' functionality, but does not use SSH and requires a pre-shared symmetric key. Note that spiped: 1. Requires a strong key file: The file specified via the -k option should have at least 256 bits of entropy. ('dd if=/dev/urandom bs=32 count=1' is your friend.) 2. Does not provide any protection against information leakage via packet timing: Running telnet over spiped will protect a password from being directly read from the network, but will not obscure the typing rhythm. 3. Can significantly increase bandwidth usage for interactive sessions: It sends data in packets of 1024 bytes, and pads smaller messages up to this length, so a 1 byte write could be expanded to 1024 bytes if it cannot be coalesced with adjacent bytes. 4. Uses a symmetric key -- so anyone who can connect to an spiped "server" is also able to impersonate it. module: pkgsrc subject: 'CVS commit: pkgsrc/security/spiped' unixtime: '1397856686' user: wiz