On Thu, Mar 31, 2011 at 5:38 AM, Martijn Pieters <m...@zopatista.com> wrote:
> On Wed, Mar 30, 2011 at 15:08, Jim Fulton <j...@zope.com> wrote:
>> We do something similar with sftp (zc.buildoutsftp).  To publish eggs,
>> we just use scp.
>> The advantage of this is that it leverages ssh infrastructure, so *no*
>> additional password management is needed.  This is wildly better, IMO,
>> than keeping passwords in clear text in your buildout configuration or
>> in a dot file.
> That depends on your deployment scenarios. We generate separate
> passwords per customer, and give them a dedicated URL to load their
> private eggs from, then put the password in the buildout.cfg. To load
> the buildout.cfg in the first place, the exact same password is used.
> Managing SSH accounts and keys for those customers would cost us much
> more overhead, and would complicate our instructions for deployment to
> them.
> On the other hand, deployments of a buildout from an SVN repository
> already served over SSH would make the sftp route the logical choice.

Some customers are too dumb to be secure. OK, makes sense. :)

Seriously, I assume this is a read-only scenario, in which case having
clear-text passwords lying around in prominent places seems less
problematic.  If they could write to the repo, then I would still have
serious problems with this approach.

Another approach would be to integrate with some secure key-management
service (keychain) on the customer's machines, but I expect that would
be as painful as helping them figure out ssh.


Jim Fulton
Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 https://mail.zope.org/mailman/listinfo/zope )
