On Jan 9, 2009, at 3:18 PM, Martin v. Löwis wrote:
Here's some: how about instead of an ssh-like system, use ssh
itself. Front
PyPI with an ssh server that users connect to. That way it is
both secure and
the infrastructure (agent, etc.) is already in place.
Yes please. I'd rather have one agent running and reuse my SSH
key for
authentication.
That would be awesome indeed. But that would involve quite some
changes on server side,
I'll forward this mail to catalog-sig for Richard, Martin and
others's feedback
I'm fairly skeptical. First, the infrastructure is *not* yet in place.
Nobody has uploaded SSH keys to PyPI,
Right. PyPI would have to grow the ability to manage public keys for
users.
and in order to allow SSH access,
we probably would need to create a Unix account,
No, you would not.
which then runs a fixed
(Python) program on ssh login. That is much less secure than the
current
setup, in the sense that this program can probably tricked much easier
than Apache can. So it opens a door for people hacking into the
system;
all they have to do is to create a fake PyPI account and upload an SSH
key...
No. You'd have a new server process, written in Python using Twisted
or paramiko, that would would provide a small number of specialized
commands and that would read public keys from the pypi database for
authentication and update the database in response to commands,
Jim
--
Jim Fulton
Zope Corporation
_______________________________________________
Distutils-SIG maillist - [email protected]
http://mail.python.org/mailman/listinfo/distutils-sig
