[Catalog-sig] [Distutils] [distutils] make the storage of the password optional in .pypirc

Jim Fulton jim at zope.com
Fri Jan 9 21:57:55 CET 2009


On Jan 9, 2009, at 3:18 PM, Martin v. Löwis wrote:

>>>> Here's some:  how about instead of an ssh-like system, use ssh  
>>>> itself.  Front
>>>> PyPI with an ssh server that users connect to.  That way it is  
>>>> both secure and
>>>> the infrastructure (agent, etc.) is already in place.
>>> Yes please.  I'd rather have one agent running and reuse my SSH  
>>> key for
>>> authentication.
>>
>> That would be awesome indeed. But that would involve quite some
>> changes on server side,
>> I'll forward this mail to catalog-sig for Richard, Martin and  
>> others's feedback
>
> I'm fairly skeptical. First, the infrastructure is *not* yet in place.
> Nobody has uploaded SSH keys to PyPI,

Right. PyPI would have to grow the ability to manage public keys for  
users.

> and in order to allow SSH access,
> we probably would need to create a Unix account,

No, you would not.

> which then runs a fixed
> (Python) program on ssh login. That is much less secure than the  
> current
> setup, in the sense that this program can probably tricked much easier
> than Apache can. So it opens a door for people hacking into the  
> system;
> all they have to do is to create a fake PyPI account and upload an SSH
> key...

No. You'd have a new server process, written in Python using Twisted
or paramiko, that would provide a small number of specialized
commands and that would read public keys from the pypi database for
authentication and update the database in response to commands.

Jim

--
Jim Fulton
Zope Corporation
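Added example, not code from this thread or from PyPI, paramiko or Twisted: a sketch of the policy layer Jim describes, where identity comes only from public keys stored in the PyPI user table, no shell is ever granted, and exec requests are limited to a small allow-list that updates the release table. The user table, project table, key blobs and command set are constructed assumptions; a real server would wire these methods into a paramiko ServerInterface.

```python
import hashlib
import hmac
import shlex

# Constructed stand-in for PyPI's user table: username -> SSH public key blobs
# (the base64 part of an authorized_keys line). The values are made up.
USER_KEYS = {
    "alice": ["AAAAB3NzaC1yc2EAAAADAQABAAABAQC-alice-constructed-blob"],
    "bob": ["AAAAB3NzaC1yc2EAAAADAQABAAABAQC-bob-constructed-blob"],
}

def fingerprint(blob):
    """SHA-256 fingerprint of a key blob, used as the lookup key."""
    return hashlib.sha256(blob.encode()).hexdigest()

# Index keyed by fingerprint so a presented key maps to exactly one owner.
KEY_INDEX = {fingerprint(b): u for u, blobs in USER_KEYS.items() for b in blobs}

class PyPISSHPolicy:
    """Decisions a paramiko ServerInterface (or Twisted conch realm) would
    delegate to. No Unix account exists: authentication is a KEY_INDEX lookup,
    shells are refused, and 'exec' only reaches an allow-listed command that
    operates on the constructed release table self.projects (name -> owner)."""

    COMMANDS = {"register", "upload", "list"}

    def __init__(self, projects=None):
        self.projects = projects if projects is not None else {}
        self.user = None

    def check_auth_password(self, username, password):
        return False  # password authentication is disabled outright

    def check_auth_publickey(self, username, key_blob):
        owner = KEY_INDEX.get(fingerprint(key_blob))
        if owner is None or not hmac.compare_digest(owner, username):
            return False  # unknown key, or key registered to someone else
        self.user = username
        return True

    def check_channel_shell_request(self):
        return False  # never a shell or pty, only single exec requests

    def check_channel_exec_request(self, command):
        """Return a reply string, or None when the request is refused."""
        try:
            argv = shlex.split(command) if self.user else []
        except ValueError:
            return None  # unbalanced quoting: refuse rather than guess
        if not argv or argv[0] not in self.COMMANDS:
            return None  # anything outside the allow-list is dropped
        if argv[0] == "register" and len(argv) == 2 and argv[1] not in self.projects:
            self.projects[argv[1]] = self.user
            return "registered " + argv[1]
        if argv[0] == "upload" and len(argv) == 3 and self.projects.get(argv[1]) == self.user:
            return "accepted %s for %s" % (argv[2], argv[1])  # owner-only write
        if argv[0] == "list":
            return " ".join(sorted(p for p, o in self.projects.items() if o == self.user))
        return None
```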
