On Friday 24 March 2006 13:25, Grant <[EMAIL PROTECTED]> wrote about 
'Re: [gentoo-user] Hosted server as distcc machine':
> > > > It's probably better to use distcc over ssh, using an ssh-agent
> > > > and PKI authentication.
> > > How would ssh and PKI be set up in
> > > the workflow?  It isn't mentioned here:
> > > http://www.gentoo.org/doc/en/distcc.xml
> >
> > 1) On the server, set up the shell account that will use distcc via
> > ssh.
> > 2) On the client, generate the private key for that account and 
> > use ssh-copy-id to give the server the public key.
> > 3) On the server, if possible, disable password logins to force the
> > use of the private key for that user.
> > 4) On the client, add a line like [EMAIL PROTECTED] to your
> > distcc_hosts.
> > 5) Prior to invoking distcc on the client, start 
> > an ssh-agent (I prefer the keychain "meta-"agent.) and optionally add
> > your private key to the agent. (If you don't start an agent, each
> > compile that goes to an ssh host will ask for a password -- very
> > troublesome with parallel make; if you don't add your private key to
> > the agent, you'll get prompted for the passphrase the first time you
> > need a key -- still moderately troublesome.)
> >
> > There is no need to run distccd on the server at all.  You /will/ need
> > sshd.
>
> It sounds like this would make the remote
> distcc idea as secure as ssh and I won't have to worry about the fact
> that distcc wasn't built with security in mind.  Is that right?

Yes.  Since you aren't running the distccd server its lack of security is 
not a concern for you.  You'll be depending on the security of ssh.  While 
not completely spotless (e.g. the zlib vulnerability bit openssh) it was, 
at least, designed with security in mind.

> Also, 
> I'm the only user on all of my systems so it would be OK to use plain
> ssh without PKI right?

Unfortunately, no.  Not because it's less secure (though, it might be 
depending on the strength of your passwords vs passphrases), but because 
there's no such thing (AFAIK) as an ssh-password-agent.  This means that 
each compile job has to ask you for the password -- that's not gonna be 
real useful, most likely.  See the parenthetical notes at the end of step 
5.

-- 
"If there's one thing we've established over the years,
it's that the vast majority of our users don't have the slightest
clue what's best for them in terms of package stability."
-- Gentoo Developer Ciaran McCreesh
-- 
gentoo-user@gentoo.org mailing list
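
A preflight check for the agent requirement in step 5, as an added example that is not part of the original message: it finds the ssh-transport entries in a distcc host list and refuses to proceed unless an ssh-agent with a loaded key is reachable. The function names and the sample host list are constructed for illustration; it assumes distcc's `[user]@host` entry syntax for ssh hosts and the exit statuses of `ssh-add -l` (0 keys loaded, 1 agent empty, 2 no agent).

```shell
#!/bin/sh
# Added example: check the agent before a parallel build over distcc+ssh.
# Constructed sample host list (hypothetical hosts).
SAMPLE_HOSTS='localhost/2 builder@build.example.org/8 @10.0.0.5,lzo'

# Print the ssh-transport entries of a distcc host list, one per line.
# An entry containing '@' ([user]@host) is reached over ssh, not distccd.
ssh_hosts() {
    for entry in $1; do
        case $entry in
            *@*)
                # Strip ,OPTIONS then :COMMAND then /LIMIT suffixes.
                entry=${entry%%,*}
                entry=${entry%%:*}
                printf '%s\n' "${entry%%/*}"
                ;;
        esac
    done
}

# 0: agent reachable with at least one key; 1: agent reachable but empty;
# 2: no agent can be contacted (or ssh-add is not installed).
agent_state() {
    [ -n "${SSH_AUTH_SOCK:-}" ] || return 2
    command -v ssh-add >/dev/null 2>&1 || return 2
    ssh-add -l >/dev/null 2>&1
}

# preflight "HOSTS": fail early instead of letting each compile job prompt.
preflight() {
    hosts=$(ssh_hosts "$1")
    [ -n "$hosts" ] || { echo "no ssh hosts listed; agent not needed"; return 0; }
    state=0
    agent_state || state=$?
    case $state in
        0) echo "agent has a key loaded; ok for:" $hosts; return 0 ;;
        1) echo "agent is running but holds no key: run ssh-add" >&2; return 1 ;;
        *) echo "no ssh-agent reachable: every remote job would prompt" >&2
           return 2 ;;
    esac
}

# Show which sample entries would go over ssh.
ssh_hosts "$SAMPLE_HOSTS"
```

Calling `preflight` with the real host list before `make -jN` turns a stalled build full of prompts into a single clear error.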
