Quoting Petter Reinholdtsen (2013-09-01 14:16:56) > Hi. Would it be an idea to provide Kerberos authentication in > freedombox, and use remctl instead of exmachina for root execution? > > The exmachina source seem to be fairly new and unproven, while remctl > is already used in production at Stanford, see <URL: > http://www.eyrie.org/~eagle/journal/2013-08/003.html > for a blog post > about this usage. Kerberos have the advantage of never sending the > password over the net, and providing support for single sign on for > services that support it.
I am still unfamiliar with exmachina, but seems to me that its purpose is to handle execution of cross-account yet same-host, whereas purpose of remctl seems to be remote-host execution. Seems wrong for me to expect non-technical users of some "black box" to be in possesion of Kerberos-enabled systems needed for controlling their box. ...but I suspect I am simply missing something obvious here... - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
_______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss