#88 Force encryption on the client

[Anonymous]

Originally created by: Hawk777

Doing client-side encryption is nice because it means the server can’t see the client’s data. Ideally, in combination with a locked-down command= parameter in the client’s authorized_keys file, it should be possible for the client to not really trust the server. However, right now, AFAICT, the only place you can choose whether to enable client-side encryption or not is the dumptype, which is controlled by the server. It would be nice to have an option on the client which would reject all dump requests that don’t specify a particular encryption program. Just requiring encryption alone isn’t sufficient, since the server could just ask the client to encrypt but use /bin/cat as the program.