[IPython-dev] Disabling Authentication for Kernels

MinRK benjaminrk at gmail.com
Mon Mar 2 19:37:02 EST 2015


Thanks for working on this, Andrew. I tried to help work on it a bit this
morning, but my Haskell-fu is weak. I'll see if I can help iTorch out. I
seem to be able to fake my way through Lua a bit better than I can Haskell.

-MinRK

On Mon, Mar 2, 2015 at 2:45 PM, Andrew Gibiansky <andrew.gibiansky at gmail.com
> wrote:

> Thank you all! I had missed the fact that it was using `hexdigest` as
> opposed to `digest`. It works now, albeit perhaps with a substandard SHA
> implementation (speed wise).
>
> -- Andrew
>
> On Mon, Mar 2, 2015 at 2:20 PM, Brian Wolf <bw at activustech.com> wrote:
>
>>  Here's how I implemented authentication in Python for a project a few
>> years ago.
>>
>> from passlib.context import CryptContext
>>
>>
>> pwd_context = CryptContext(
>>     schemes=["sha256_crypt", "sha512_crypt", "pbkdf2_sha256"],
>>     default="sha256_crypt",
>>     all__vary_rounds = "10%",
>>     sha256_crypt__default_rounds = 10000
>>     )
>>
>>
>> if pwd_context.verify(pwd_during_login, pwd_in_db):
>>     # password hashes match; set user as logged in
>> else:
>>     # password hashes do not match; user not logged in
>>
>>
>>
>> Thank you.
>> Brian
>>
>> ------------------------------
>>
>>
>>    - Activus Technologies
>>    - Brian Wolf
>>    - Phone: 410.367.2958
>>    - ✓ Recurring payment solutions
>>    - ✓ Custom software development
>>
>>  On 03/02/2015 03:14 PM, Andrew Gibiansky wrote:
>>
>> Sounds reasonable. I sadly am not very well-versed in cryptographic
>> hashing, which is why I originally avoided dealing with it.
>>
>>  I've now implemented HMAC-SHA256 signing, but am generating invalid
>> signatures. So, two questions:
>>
>>  1. What are good ways to debug this?
>> 2. My suspicion is that I am treating the key incorrectly. If I
>> understand correctly, the provided key is something like
>> "base64-base64-base64". Is that string meant to be taken literally as the
>> key (when decoded from Utf8), or is the idea to do a base64 decoding of
>> that and use that as the key?
>>
>>  Thanks,
>> -- Andrew
>>
>> On Mon, Mar 2, 2015 at 9:33 AM, Thomas Kluyver <takowl at gmail.com> wrote:
>>
>>>  On 2 March 2015 at 00:23, Andrew Gibiansky <andrew.gibiansky at gmail.com>
>>> wrote:
>>>
>>>> Is there a way to disable authentication for a kernel via its
>>>> kernelspec/kernel.json? If not, is there any way around this issue other
>>>> than creating a custom profile (or biting the bullet and figuring out and
>>>> implementing authentication)?
>>>
>>>
>>>  If your language has a working HMAC library, implementing the
>>> authentication should be trivial. Even in R, it wasn't hard:
>>> https://github.com/takluyver/IRkernel/blob/master/R/kernel.r#L15
>>>
>>>  Thomas
>>>
>>> _______________________________________________
>>> IPython-dev mailing list
>>> IPython-dev at scipy.org
>>> http://mail.scipy.org/mailman/listinfo/ipython-dev
>>>
>>>
>>
>>
>> _______________________________________________
>> IPython-dev mailing listIPython-dev at scipy.orghttp://mail.scipy.org/mailman/listinfo/ipython-dev
>>
>>
>>
>> _______________________________________________
>> IPython-dev mailing list
>> IPython-dev at scipy.org
>> http://mail.scipy.org/mailman/listinfo/ipython-dev
>>
>>
>
> _______________________________________________
> IPython-dev mailing list
> IPython-dev at scipy.org
> http://mail.scipy.org/mailman/listinfo/ipython-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ipython-dev/attachments/20150302/73a8b610/attachment.html>


More information about the IPython-dev mailing list