I was not suggesting that. There will always be ssh access. I just want a vm that boots with web2py out of the box and non-trivial to guess password assigned by the provider that can be changed.
On Feb 16, 9:16 am, Thadeus Burgess <[email protected]> wrote: > Well if I don't have ssh access to the machine, then I can't get in > and install mercurial on it and whatnot. I also cannot host my > mercurial repositories over ssh. > > I was just trying to say that, even though most users might not need > to ssh into the system, don't lock it down so it loses the ability to, > is all I'm saying. > > -Thadeus > > On Tue, Feb 16, 2010 at 12:44 AM, mdipierro <[email protected]> wrote: > > explain more please > > > On Feb 15, 10:35 pm, Thadeus Burgess <[email protected]> wrote: > >> what if i want my server to host ssh mercurial repositories ? > > >> -Thadeus > > >> On Mon, Feb 15, 2010 at 10:32 PM, mdipierro <[email protected]> > >> wrote: > >> > I am not suggesting that as a general solution. What I have in mind is > >> > an appliance with a single account (root or whatever). The root > >> > password is the only parameter set by the hosting provider and > >> > communicated to the user. The user never ssh into the vps. He instead > >> > uses the provided password to login into web2py admin and changes the > >> > web2py admin password (not the root password). From that moment on > >> > web2py works as usual. We could provide enough web2py tools to > >> > completely manage the vm from inside. > > >> > On Feb 15, 9:20 pm, Thadeus Burgess <[email protected]> wrote: > >> >> Potential security risk validating against root. but a user account > >> >> definitely. > > >> >> -Thadeus > > >> >> On Mon, Feb 15, 2010 at 7:46 PM, mdipierro <[email protected]> > >> >> wrote: > >> >> > Currently in admin you login using a password stored in the file > >> >> > parameters_443.py (443 is the post number). > > >> >> > I would like the option that if parameters_443.py contains > >> >> > password='posix:root' > > >> >> > then web2py admin authenticates the visitor using the 'root' password. > > >> >> > I do not know how to do it but it would be a really nice feature to > >> >> > have. In particular when running on a VPS. > > >> >> > Can anybody help? > > >> >> > All I would need a simple script that given a username and some text > >> >> > checks whether that is a the valid password for the user. > > >> >> > Massimo > > >> >> > -- > >> >> > You received this message because you are subscribed to the Google > >> >> > Groups "web2py-users" group. > >> >> > To post to this group, send email to [email protected]. > >> >> > To unsubscribe from this group, send email to > >> >> > [email protected]. > >> >> > For more options, visit this group > >> >> > athttp://groups.google.com/group/web2py?hl=en. > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups "web2py-users" group. > >> > To post to this group, send email to [email protected]. > >> > To unsubscribe from this group, send email to > >> > [email protected]. > >> > For more options, visit this group > >> > athttp://groups.google.com/group/web2py?hl=en. > > > -- > > You received this message because you are subscribed to the Google Groups > > "web2py-users" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group > > athttp://groups.google.com/group/web2py?hl=en. -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.
