[OpenAFS] Speed difference between OpenAFS 1.4.x on Debian and CentOS
Christopher D. Clausen
Tue, 8 Apr 2008 09:56:25 -0500
Wesley Chow <email@example.com> wrote:
>> Does turning crypt off mean data in transit can be read *and*
>> tampered with? Or read, but still safe from tampering?
> Also, does this imply that a server participating in the public
> directory is trusting that all clients are using encryption to connect
> to it? Is there a way for a server to force encryption on any clients
> accessing its volumes?
Encryption in OpenAFS is a per-client command and only operates when one
is using tickets. IP based ACLs and system:anyuser "anonymous" access
cannot be encrypted.
There is not currently a way to enforce encryption from the server-side.