[Catalog-sig] PyPI ssh access

Jakub Wilk jwilk at jwilk.net
Tue Nov 23 20:29:28 CET 2010

* "Martin v. Löwis" <martin at v.loewis.de>, 2010-01-11, 23:06:
>I have now set up SSH access for PyPI. The procedure works like this:
>1. upload your SSH key(s) to your PyPI account.
>2. Connect using 'ssh -T submit at pypi.python.org', and send a single HTTP
>   request. PyPI will associate the request with the respective PyPI
>   account.

I redirect ssh's stdin/stdout to a normal TCP socket using socat[0], so 
that I could use the connection with distutils or my web browser. It 
works very well, but I have two feature requests.

1) Could
<base href="http://pypi.python.org/pypi"/>
be replaced with:
<base href="/pypi"/>
? That would allow me to access PyPI with my browser in a more natural 

2) Could Authorization: headers be entirely ignored when user is already 
authorized with SSH? That would allow me not to store my password in 
.pypirc, even without patching distutils.

[0] http://www.dest-unreach.org/socat/socat-version2.html

Jakub Wilk

More information about the Catalog-SIG mailing list