[IPython-dev] pyzmq authentication

MinRK benjaminrk at gmail.com
Tue May 31 13:57:33 EDT 2011

We did briefly have an encrypted socket, but the zeromq community
rightly opposed that rather vehemently, largely because we aren't
security experts, and the illusion of security provided by a poor
implementation is really *less* secure than having no security at all.

Our answer with IPython is that SSH provides our security.  Typically
the Controller listens on localhost, and the best way to connect to it
from another machine is with an SSH tunnel (IPython does help create
the tunnels) rather than listening on a public port.  We do provide a
small level of additional security by including an authentication key
in all messages that is checked when receiving to determine if the
sender is authorized to make a request.

That said, the SSH tunnel tools (IPython.external.ssh) don't depend on
anything else in IPython, so we have thought about moving them to
pyzmq itself.


On Tue, May 31, 2011 at 10:42, Jason Grout <jason-sage at creativetrax.com> wrote:
> In the docs for ipython, there are big warnings about the insecurity of
> using ZMQ.  Has anyone thought about adding authentication support to
> the pyzmq bindings, similar to what is done in the multiprocessing
> Connection objects?
> http://docs.python.org/dev/library/multiprocessing#authentication-keys
> (see also the examples in
> http://docs.python.org/dev/library/multiprocessing#multiprocessing.connection.Listener)
> I realize that it is not in the design scope of ZMQ itself to implement
> security, but the python bindings might be the right level for at least
> authentication.
> Thanks,
> Jason
> --
> Jason Grout
> _______________________________________________
> IPython-dev mailing list
> IPython-dev at scipy.org
> http://mail.scipy.org/mailman/listinfo/ipython-dev

More information about the IPython-dev mailing list