Antoine Pitrou added the comment: > Martin has created a SSH uploader for distutils > http://pypi.python.org/pypi/pypissh. I suggest that we include the > feature in the next security update for Python 2.6 to 3.3. I'm well > aware that this beats the "no new feature" clause but in my opinion > "security beats purity".
"this package performs heavy monkey-patching of distutils to make it use the system's ssh command. Users using this package should run ssh-agent (which runs automatically in the background on many systems) and load their PyPI key into the ssh agent." I don't think this bodes well for immediate inclusion, especially in a bugfix release. Perhaps some time should be taken to clean it up and then include it in 3.4. I'm still not sure why this would be better than HTTPS upload, though. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue17121> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
