net security

Q&A's, tips, howto's
Locked
tom
Posts: 168
Joined: Wed Jul 14, 2004 10:32 pm

net security

Post by tom »

Hi guys,

I'd like to be able to do stuff to/at a remote location using newlisp, but I don't want that stuff flapping around the internet in plain text. I generally use ssh/scp. What do you do? Newlisp does tcp/ip, demon mode, etc, so well, it seems a shame to waste it... Surely I can connect to a remote host securely?

Thanks!

Lutz
Posts: 5289
Joined: Thu Sep 26, 2002 4:45 pm
Location: Pasadena, California
Contact:

Post by Lutz »

There is a function 'encrypt' you could use to encrypt traffic. It's a on-time pad encryption, if you make the pad big enough its virtually unbreakable. What is it exactly you are trying to do?

Lutz

tom
Posts: 168
Joined: Wed Jul 14, 2004 10:32 pm

Post by tom »

just housekeeping stuff, mostly. other than that I was just curious. I might want to automate the backup of my blog/posts directory, make a tarball and send it home, or transfer files, whatever. It seems like something someone would already be doing.

nigelbrown
Posts: 429
Joined: Tue Nov 11, 2003 2:11 am
Location: Brisbane, Australia

Post by nigelbrown »

Another approach would be to create a ssh tunnel with ssh port forwarding and then connect with newlisp through that
Nigel

Lutz
Posts: 5289
Joined: Thu Sep 26, 2002 4:45 pm
Location: Pasadena, California
Contact:

Post by Lutz »

Here are some possibilities:

if you want to operate newLISP interactively:
===============================
- just ssh to the remote server and execute newlisp in ssh shell

- operate newlisp-ide-3.2.tgz over a SSL enabled webserver (goto openssl.org for more info)

if you want to call newLISP functions remotely from a program:
============================================
- run the script examples/xmlrpc.cgi on an SSL enabled server but you would need also a client doing XML-RPC over HTTPS the modules/xmlrpc-client.lsp is only for HTTP.

- use the xmlrpc.cgi and xmlrp-client.lsp scripts and work over normal HTTP but change both files to do some sort of encryption, i.e. via the newLISP'encrypt' function. Ecnrypt first then encode into BASE64 using the newLISP functions 'base64-enc' and 'base64-dec' on the decoding side.

- invent you own protocol on top of POST forms processing, working from a browser on the client side (all do do HTTPS) and do CGI on an SSL enabled web server. This would be similar to working with newlisop-ide-3.2 over a HTTPS connection, but you would write your own client screens.

Lutz

Locked