[jump to content][No Software Patents]Scylla+Charybdis old home [ Home | Scylla+Charybdis old home | Tools (old) | Tools (new) | FAQ | Downloads ]

Moving to GitHub, slowly

The software on this pages will slowly be moved to GitHub https://github.com/hilbix/. The CVS repository will be migrated to GIT as well, so the history will be preserved, a bit. See FAQ.

Scylla and Charybdis, Encrypted and Compressed File Transfer

(Sorry for the chaos, this pages will be restructured slowly.)
The new tools section is comming up. It's now fully automated such that I can even release more early.

2003-10-01 latest Security Alert: Remote exploit warning: (updated 2003-10-02)
Even though it's not known that the scylla+charybdis source code contains any possible buffer overflow remote exploits, I believe that the recent openssl exploit affects S+C, too. All users should be aware of this and install a current OpenSSL. In case of statically linked SSL library S+C must be recompiled and relinked as well. Read the OpenSSL security advisory. Be sure to use OpenSSL 0.9.7c or 0.9.6k or later.
As this is now the second inexcusable case of OPENssl to be vulnerable. While analysing how to harden S+C against any remote exploit etc. due to faulty libraries, I came over the fact, that S+C must be completely re-designed and has to be re-written from scratch to reach this goal. S+C was thought to lead to another project of me, which currently is not even in the pre-planning phase. However now I realized, S+C leads nowhere, so it's not worth the effort to add more features than I (sic!) need immediately (I do not need Poseidon, as I usually do not need to backup filesystem metadata).
2004-05-21 md5backup 0.3.2
2004-05-20 ptybuffer 0.2.0
2004-05-01 md5backup 0.3
2004-01-12 md5backup 0.1.0 in Downloads
2004-01-10 sslwrap210vh0pam in the Tools section
2003-01-04 HilbiX 0.0.1 in Downloads
2003-01-04 accept 2.0.0 in Downloads
2003-12-24 md5backup 0.0.1 in Downloads
2003-11-06 S+C 2.2.5-stable interim snapshot in Downloads
2003-11-06 Moved to a new web server.
2003-10-29 DiskImg 1.1.1 bugfix release with some smaller improvements
2003-10-23 DiskImg 1.0.1 in the Tools section
2003-10-02 S+C 2.2.4 beta release called stable
2003-10-01 Security Alert (S+C uses OpenSSL which has a known remote exploit)
2003-08-19 ShellInABox patch shellinabox.patch.gz
2003-03-18 S+C 2.2.3 release introducing Odysseus
2003-02-14 xml2sql-v in the Tools section
2002-08-21 CFP in the Tools section
2002-08-07 Security Alert (S+C uses OpenSSL which has a known buffer overrun)
2002-07-07 Accept in the Tools section
2002-06-22 S+C now has a web page (rather than only a download page)
2003-11-06 latest update: Introducing interim "stable" Snapshots
Links from this page are normally not up to date in regard to the snapshots! Look into Downloads.
There is a new interim release snaphot of Scylla-Charybdis. It's an interim between 2.2.5 (which was never published) and 2.3.0 (which is in preparation). It features improved and better tested versions of example scripts (backuploop), latest state of documentation and customizeable timeout of charybdis.
Full latest documentation is included, but only sources with a state which can be considered "stable" ("Stable" means: "successfully tested source code improvements only"). Thus the documentation is not fully consistent to the features you might see.
It refers to the STABLE tag in my CVS. As my CVS currently is not publicly available, I provide such snapshots here until I get arround to install ViewCVS and a replication process for the CVS repository - done with S+C, of course!
2003-10-02 latest update: A beta declared stable
There is a new release 2.2.4 of Scylla-Charybdis which only has a very small change in the Makefile to compile under RedHat, too. Even that poseidon is still missing (which means, there is no option to do a restore of backed up data), I declare this version stable as it has transferred nearly a Terabyte of data without any problem.
Note that even without Poseidon, with the Help of Odysseus, S+C now gives you all data you need to re-create a backup from scratch, all you have to do is to write a little script which parses the Odysseus output and recreates the filesystem metadata. Some conceptual papers (README.backup and README.restore) might be of help.
some other tools which are downloadable here
http://www.scylla-charybdis.com/scylla-charybdis.tgz link to the latest version
http://www.scylla-charybdis.com/download/ download directory (this was the old plain directory)

Interim utility (2003-12-24)

There is a new md5backup utility.
It's the proof of concept and quick and dirty file backupper which stores the backed up files under their MD5 sum (with some help of a GDBM database).

It's release early code, as always. For more read the README. Merry Christmas.

Author's note (2003-11-06)

The developement of Scylla+Charybdis will stop at version 2.3.x. I decided not to go further to a complete 3.x rewrite. There is a file RATIONALE explaining why.

From 2.3.x on no new features will be added any more. Only bugfixes will be done and not yet complete features will be slowly completed. There never will be Poseidon which is needed to restore filesystem metadata from the Odysseus output. Instead there will be a crude script called "Little Poseidon" which creates a shell script to do so. At the time of writing there is already a conceptual script which is completely untested in examples/ .

If somebody else contributes things to S+C, of course this can be published on this pages, too.

Upcomming features of S+C 2.3.0:

Unclear features, may perhaps show up in a later 2.3.x:

Scylla and Charybdis

This is a minimum homepage for Scylla and Charybdis. It is developed under Linux with ESR's paradigm release early, release often in mind.

Short explaination


Scylla Charybdis lets you get a data odyssey done with the help of two small monsters. It's easy to use, utilizes SSL (encryption), LIBZ (compression), and simple password protection. A builtin timeout detects link breaks (for dialups) such that an uploads can be automatically continued from where it broke (within a file). MD5 sums detect if files are successfully transferred. In case of data changes the destination is renamed and not overwritten (backup history). Data throttling can prevent the transfer from using up full link speed, such that a background upload does not disturb your SSH sessions (like SCP does).


Currently there is a source only distribution for now.

You have to compile it yourself, see README. It probably only runs on a current Linux distribution.

License and Disclaimer

This is free software according to the GNU GPL.
Copyright (C)2000-2003 by Valentin Hilbig
Note that the software comes with absolutely no warranty of any kind.


The documentation link might be a little bit outdated.

[end of page - jump back to content][hacker culture]
Last modified: 2011-09-12 by Valentin Hilbig [ Imprint / Impressum ]