Re: g_spawn_async_with_pipes() & ssh based IPC



Michael Cronenworth wrote:
Thomas Stover on 07/09/2009 02:37 PM wrote:
Is all this in anyway better than
a maybe a custom tls/ssl server or something? I know this is slightly
off topic, but I know everybody has had to ask themselves this same
question.
It's simple to write a GnuTLS server/client setup. Why don't you want to
do that?
I've done an openssl one before, and I'll look at gnutls, but the 
problems with that route as I see it are mainly:
-you have to authenticate connections somehow- portably, and securely. 
Where as with ssh the OS just provides you with UIDs. I'm not a fan of 
the completely separate user database just for the one program 
architecture either.
-(related to authentication) key management - ssh does all that already 
(ssh-agent, etc) (although the gnome-keyring library works for *nix)
-more options for an admin to deal with
-as legacy as ssh is, it does so much so well. It just "feels" like leveraging that would be a good idea.
Also I might be thinking of the wrong project, but I have some vague 
memory of GnuTLS taking the downloads on their site down in protest 
after 911 (unless you donated money) or something quacky like that. 
(I'm  pretty sure I shouldn't have said that, but whatever).



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]