Date: Wed, 01 Oct 1997 15:53:33 +0930 From: Mike Smith <mike@smith.net.au> To: Chuck Robey <chuckr@glue.umd.edu> Cc: Mike Smith <mike@smith.net.au>, Peter Korsten <peter@grendel.IAEhv.nl>, chat@FreeBSD.ORG Subject: Re: Microsoft brainrot (was: r-cmds and DNS and /etc/host.conf) Message-ID: <199710010623.PAA00723@word.smith.net.au> In-Reply-To: Your message of "Tue, 30 Sep 1997 21:13:14 -0400." <Pine.BSF.3.96.970930210221.21190K-100000@Journey2.mat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > So, I'll say it again; what we need is an interface which abstracts the > > content of the configuration information from its form. This will give > > us a foundation which will make implementing CM frontends much easier. > > How about considering the security problems and interface thing > separately? I keep on thinking that something like skip (the encrypted IP > channel) would make the security problem go away, wouldn't it? I *am* considering the two separately. The abstraction interface is just that; it abstracts however the system components are configured into a logical interface layer. The issue with security is that if you want to manage the system remotely you have to make this interface layer accessible, and given that it effectively gives you total control over the system it's imperative that you be able to secure the interface. SKIP is just another way of getting a secure pipe; ssh is pretty good at that too, and in fact sufficiently good that combined with a plain text password it'd be enough. To use ssh for this you'd have to run it in port-mirror mode, where it forwarded a local-access-only port off the to-be-configured system to the UI-hosting system. You could offer this as the "enhanced security" mode and the no-encryption alternative as the "basic security" mode. The major downside with this is that ssh for win32 and the Mac costs not insubstantial money (about US$100 a seat IIRC), and I don't know if this would be acceptable. It's also less than perfect in that on a multiuser UI-hosting system it'd be possible to try to bruteforce your way in. Still, if people will buy this, and the US govt doesn't pass the threatened legislation outlawing even vaguely secure crypto, then this is a viable technique. Comments? > Doing something based upon HTTP means that you'd get character mode and > browser inerfaces for free, essentially. Is this also true? I want to > see if these questions can be ansswered separately, Mike, so that the area > of the problem can be cut down. That depends. Peter's proposal mandates a graphical browser and heavy Java. I don't like that as the LCD, but yes, a well-engineered set of pages would allow for any browser to drive the stuff. I *know* we have plenty of HTML studs here that would be up to coding this sort of thing, and much of it could be actively generated anyway. > If one of the above isn't true, I'll go back to it. You're right on > keeping any answer small enough to be reasonably packageable. I think > that doing it via java cuts out a character mode interface, and shouldn't > be absolutely needed. I would think a good perl script, and a web server > would do, wouldn't it? Is there any likelihood you see of being able to > do the job without a web server? A small embedded server would do the job just fine. We could use one of the Berkley-compatible ones bolted into a Tcl interpreter (eg.) to get a smooth interface to the config abstraction as well as all the server-side smarts necessary. (or Perl, or a binary, or whatever) > The only other possibility that I see is tcl/tk, which is very > multiplatform now, and freely available. I don't see a character mode > interface for it, tho. I agree it's a good thing to have, but I kinda > wonder if the group that runs character mode doesn't intersect largely > with the group of lo level hackers who will turn up their noses at any gui > based system console anyhow. I can see this being somewhat of a possibility. If we can improve the ease of getting X up on a new system, this is a very ripe alternative. > Am I right so far? I'm just trying to catch up with you. Prettymuch there. I'd *really* like to know what people think about using ssh in port-mirror mode to achieve the secure comms. mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710010623.PAA00723>