Remove general purpose crypto command-line options
Bug #1086660 reported by
Casey Marshall
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tsssh |
Confirmed
|
High
|
Casey Marshall |
Bug Description
We really don't want to encourage users to use konec when they should be using GnuPG. konec should be considered as "time-shifted SFTP through an untrusted intermediary".
1. Posted messages are always signed with the host's private key and encrypted to a public key in the known_hosts or authorized_keys files -- a public key that SSH already trusts.
2. Received messages must have a signature verified with a public key in the receiving end's known_hosts or authorized keys file -- a public key that SSH already trusts.
We don't need options like -encrypt, -decrypt, -sign and -verify. We need -put, -get and -list-keys.
To post a comment you must log in.