On Jan 9, 2009, at 10:17 AM, Benji York wrote:
On Fri, Jan 9, 2009 at 10:08 AM, Stephen Emslie
wrote: A bit OT, but from your blog post on the subject:
I'd like to go further and to think about a ssh-agent like system, so there's no need to enter the pasword everytime you work with PyPI in the same session.
Have you had any feedback on this yet?
Here's some: how about instead of an ssh-like system, use ssh itself. Front PyPI with an ssh server that users connect to. That way it is both secure and the infrastructure (agent, etc.) is already in place.
+1 Note that paramiko or the Twisted ssh support should make this fairly straightforward to implement. (I have need to build a custom ssh server soon for a project, and I'll find out if this statement is correct. :) Jim -- Jim Fulton Zope Corporation