On Jan 9, 2009, at 3:18 PM, Martin v. Löwis wrote:
Here's some: how about instead of an ssh-like system, use ssh itself. Front PyPI with an ssh server that users connect to. That way it is both secure and the infrastructure (agent, etc.) is already in place. Yes please. I'd rather have one agent running and reuse my SSH key for authentication.
That would be awesome indeed. But that would involve quite some changes on server side, I'll forward this mail to catalog-sig for Richard, Martin and others's feedback
I'm fairly skeptical. First, the infrastructure is *not* yet in place. Nobody has uploaded SSH keys to PyPI,
Right. PyPI would have to grow the ability to manage public keys for users.
and in order to allow SSH access, we probably would need to create a Unix account,
No, you would not.
which then runs a fixed (Python) program on ssh login. That is much less secure than the current setup, in the sense that this program can probably tricked much easier than Apache can. So it opens a door for people hacking into the system; all they have to do is to create a fake PyPI account and upload an SSH key...
No. You'd have a new server process, written in Python using Twisted or paramiko, that would would provide a small number of specialized commands and that would read public keys from the pypi database for authentication and update the database in response to commands, Jim -- Jim Fulton Zope Corporation