Well if I don't have ssh access to the machine, then I can't get in and install mercurial on it and whatnot. I also cannot host my mercurial repositories over ssh.
I was just trying to say that, even though most users might not need to ssh into the system, don't lock it down so it loses the ability to, is all I'm saying. -Thadeus On Tue, Feb 16, 2010 at 12:44 AM, mdipierro <mdipie...@cs.depaul.edu> wrote: > explain more please > > On Feb 15, 10:35 pm, Thadeus Burgess <thade...@thadeusb.com> wrote: >> what if i want my server to host ssh mercurial repositories ? >> >> -Thadeus >> >> On Mon, Feb 15, 2010 at 10:32 PM, mdipierro <mdipie...@cs.depaul.edu> wrote: >> > I am not suggesting that as a general solution. What I have in mind is >> > an appliance with a single account (root or whatever). The root >> > password is the only parameter set by the hosting provider and >> > communicated to the user. The user never ssh into the vps. He instead >> > uses the provided password to login into web2py admin and changes the >> > web2py admin password (not the root password). From that moment on >> > web2py works as usual. We could provide enough web2py tools to >> > completely manage the vm from inside. >> >> > On Feb 15, 9:20 pm, Thadeus Burgess <thade...@thadeusb.com> wrote: >> >> Potential security risk validating against root. but a user account >> >> definitely. >> >> >> -Thadeus >> >> >> On Mon, Feb 15, 2010 at 7:46 PM, mdipierro <mdipie...@cs.depaul.edu> >> >> wrote: >> >> > Currently in admin you login using a password stored in the file >> >> > parameters_443.py (443 is the post number). >> >> >> > I would like the option that if parameters_443.py contains >> >> > password='posix:root' >> >> >> > then web2py admin authenticates the visitor using the 'root' password. >> >> >> > I do not know how to do it but it would be a really nice feature to >> >> > have. In particular when running on a VPS. >> >> >> > Can anybody help? >> >> >> > All I would need a simple script that given a username and some text >> >> > checks whether that is a the valid password for the user. >> >> >> > Massimo >> >> >> > -- >> >> > You received this message because you are subscribed to the Google >> >> > Groups "web2py-users" group. >> >> > To post to this group, send email to web...@googlegroups.com. >> >> > To unsubscribe from this group, send email to >> >> > web2py+unsubscr...@googlegroups.com. >> >> > For more options, visit this group >> >> > athttp://groups.google.com/group/web2py?hl=en. >> >> > -- >> > You received this message because you are subscribed to the Google Groups >> > "web2py-users" group. >> > To post to this group, send email to web...@googlegroups.com. >> > To unsubscribe from this group, send email to >> > web2py+unsubscr...@googlegroups.com. >> > For more options, visit this group >> > athttp://groups.google.com/group/web2py?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To post to this group, send email to web...@googlegroups.com. > To unsubscribe from this group, send email to > web2py+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/web2py?hl=en. > > -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web...@googlegroups.com. To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.
