Quoting Richard Jones <rich...@python.org>:
Thanks everyone who helped make this happen. From my perspective* I believe the ssh upload mechanism was added to address security issues around the basic-auth-over-http method used historically. Now uploads *may* be done over https, and those using the ssh method can move over to using twine or pip upload, I think that it's reasonable to discontinue support for ssh uploads.
There is one usecase that still isn't addressed by any of the alternatives: Automated uploads still require the password to be stored on disk. So if the laptop is stolen, the password may get stolen as well. With SSH upload, the authentication comes from the ssh-agent, which protects the credentials better (i.e. if the laptop is powered-down, or requires the user to enter a password on access, the key is protected). It has been suggested to resolve this using the keyring library (which would give the same protection to the password as ssh-agent to the private key), but a) I don't think it actually *has* been implemented, and b) to properly implement it (i.e. without monkey-patching register/upload), it would have to be done in CPython, and c) that would require to put keyring into CPython, which could happen in Python 3.5 at the earliest. So I suggest that somebody does a), and then provides a package that works around b) and c) by monkeypatching distutils (just like pypissh does). In any case, if you really chose to discontinue SSH access, I suggest that you also change the UI to drop registration of SSH keys, and then ultimately remove them from the schema. BTW, you can get an indication of how many users this might affect by checking how many users have keys registered. Regards, Martin _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
