From: Dan L. <jun...@us...> - 2006-09-21 14:09:01
|
Update of /cvsroot/bacula/docs/manual In directory sc8-pr-cvs3.sourceforge.net:/tmp/cvs-serv20860 Modified Files: security.tex Log Message: We now have TLS. Data is still transmitted unencrypted by default, but add links to the Encryption documentation. Index: security.tex =================================================================== RCS file: /cvsroot/bacula/docs/manual/security.tex,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- security.tex 21 Jul 2006 19:35:15 -0000 1.10 +++ security.tex 21 Sep 2006 14:08:59 -0000 1.11 @@ -27,10 +27,10 @@ \item If you are using the recommended ports 9101, 9102, and 9103, you will probably want to protect these ports from external access using a firewall and/or using tcp wrappers ({\bf etc/hosts.allow}). -\item Currently all data that is sent across the network is unencrypted. As a - consequence, unless you use {\bf ssh} or {\bf stunnel} for port forwarding, - it is not recommended to do a backup across an insecure network (e.g. the - Internet). In a future version, we plan to have {\bf ssl} encryption +\item By default, all data that is sent across the network is unencrypted. + However, Bacula does support TLS (transport layer security) and can + encrypt transmitted data. Please read \ilink{Data Encryption}{DataEncryption} + section of this manual. built-in. \item You should ensure that the Bacula working directories are readable and writable only by the Bacula daemons. |