[lug] security question
Kevin Kempter
kevin at kevinkempterllc.com
Wed Jun 2 11:59:50 MDT 2010
Hi all;
we're moving on a service where we'll need to have a component within our
clients' networks that will deliver data back to us for analysis/processing.
Security is a big concern. We're thinking of something like this:
1) setup ssh keys onto a cloud server (or a dmz box) for each client
2) have each client's local processing ssh the data file (zipped and
encrypted) to the cloud server where the umask for the connecting user will
be 0477 thus they cannot do anything, and we'll have a process that gets
called that accepts data from stdin and writes to a file
We'd like to deploy reasonably sufficient security while at the same time keep
it as simple as possible. We're open to the delivery server being either a
dmz box within our network or a cloud server for security
Here's my questions:
1) thoughts on the above approach?
2) thoughts on alternate approaches?
Thanks in advance...
More information about the LUG
mailing list