[Freedombox-discuss] BitTorrent Sync

Elena ``of Valhalla'' elena.valhalla at gmail.com
Wed Jan 30 09:06:09 UTC 2013 

On 2013-01-29 at 16:56:16 -0800, Jonathan Wilkes wrote:
> "Supports ssh", or even "supports encryption" is not the same as "uses
> encryption out of the box".  From that same link:

one significant usecase for git-annex is condivision of files 
between computers in one own home, using only devices under 
you control (e.g. usb storage devices).

using encryption in these cases is either not needed (the devices 
don't leave your home) or better left to the filesystem layer 
(the devices do leave your home, but you want to be able to 
access the contents directly)

> "git-annex mostly does not use encryption. Anyone with access to a git
> repository can see all the filenames in it, its history, and can access
> any annexed file contents."

the git repositories are supposed to be local or under owner's control; 
special remotes don't usually include a git repo

> and from http://git-annex.branchable.com/walkthrough/using_ssh_remotes/
> 
> "Note that normally git-annex prefers to use non-ssh remotes, like a USB drive, before ssh remotes. They are assumed to be faster/cheaper to access, if available. There is a annex-cost setting you can configure in .git/config to adjust which repositories it prefers. See the man page for details."
> 
> Note that "non-ssh remotes" are by default unencrypted-- these could include network drives
> or other resources on the LAN that you're not accessing through ssh (and thus lose the benefit
> of its encryption).  The user shouldn't have to choose the slower method of transporting data in order
> to get encryption, nor should they have to tunnel a LAN resource over ssh just to get the benefit of
> its encryption for syncing data.  "Unencrypted = fast" sets up a false dichotomy.

note that in the manpage the distinction is not between ssh and
non-ssh, but between *local* (=directly connected to your computer) and 
*remote* (=accessed via a network, *including* a LAN): most devices that 
are directly connected to the machine (e.g. USB storage devices) *are* 
faster than anything accesses through a network. 
The wording in the walkthrough is misleading, probably because 
it came from a time where the only remotes available where ssh 
and local filesystem.

Of course, if you can access some network device via the filesystem 
git-annex has no way to know that device is not really local, 
and here is where the remote.<name>.annex-cost configuration 
is useful.

> > As for scaling, it depends what you're after, but since (if using the
> > assistant) you can nudge remotes into attempting to pull from one
> > another via XMPP, I think it's got quite a few of the real world use
> > cases covered for scalability too.
> 
> Why wouldn't the machines pull from each other by default?

mostly because they are not assumed to have direct and constant access 
to each other.

-- 
Elena ``of Valhalla''

More information about the Freedombox-discuss mailing list