From: Dan Langille <dan@langille.org>
Date: Thu, 21 Sep 2006 14:08:59 +0000 (+0000)
Subject: We now have TLS.  Data is still transmitted unencrypted by default, but add
X-Git-Tag: Release-2.0.0~425
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=92518162d3e62af14bf99ea4861df73d717310d9;p=bacula%2Fdocs

We now have TLS.  Data is still transmitted unencrypted by default, but add
links to the Encryption documentation.
---

diff --git a/docs/manual/security.tex b/docs/manual/security.tex
index e6ff7ea0..e1dbd8af 100644
--- a/docs/manual/security.tex
+++ b/docs/manual/security.tex
@@ -27,10 +27,10 @@
 \item If you are using the recommended ports 9101, 9102, and 9103, you  will
    probably want to protect these ports from external access  using a firewall
    and/or using tcp wrappers ({\bf etc/hosts.allow}).  
-\item Currently all data that is sent across the network is unencrypted.  As a
-   consequence, unless you use {\bf ssh} or {\bf stunnel} for  port forwarding,
-   it is not recommended to do a backup across an  insecure network (e.g. the
-   Internet). In a future version, we plan  to have {\bf ssl} encryption
+\item By default, all data that is sent across the network is unencrypted.
+   However, Bacula does support TLS (transport layer security) and can
+   encrypt transmitted data.  Please read \ilink{Data Encryption}{DataEncryption}
+   section of this manual.
    built-in. 
 \item You should ensure that the Bacula working directories are  readable and
    writable only by the Bacula daemons.