Programming language

Hui Zhou zhouhui at wam.umd.edu
Tue Feb 1 13:48:53 PST 2005


On Tue, Feb 01, 2005 at 02:17:01PM -0700, Gerard Beekmans wrote:
>On Tue, 2005-02-01 at 12:31, Hui Zhou wrote:
>> Authentication is tough. I suggest trust based authentication. Define 
>> a key or ip(or many) on the server and instruct the server only 
>> listens to those. That's easy. Others takes a professional to 
>> implement and make sure it's secure. 
>
>That would be one way yes. You could do a simple password-based
>authentiation too of course and use unix system accounts. This daemon on
>the server probably has to run as root or have root priviledges which
>may pose other security problems of course.

That almost make it a login process, I guess we can. 
It is dangous to implement its own authentiation routine.  There is 
no simple password-based authentiation, there is only secure one or 
insecure one.

>There's ssh tunneling which would work. Let SSH take care of the
>authentication bit with public keys and what not and listen for a
>connection on localhost:someport.

In that case, do we need implement Server/Client structure at all?
Just have the psudo-client sit between the tunnel and work as if one 
is sitting infront of the pseudo-server.

-- 
Hui Zhou



More information about the alfs-discuss mailing list