emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] lisp/server.el: Introduction of server-auth-key variable

From: Michal Nazarewicz
Subject: Re: [PATCH] lisp/server.el: Introduction of server-auth-key variable
Date: Fri, 29 Apr 2011 18:35:23 +0200
User-agent: Opera Mail/11.10 (Linux)
On Fri, 29 Apr 2011 18:22:27 +0200, Stefan Monnier <address@hidden> wrote: 


+In some situations however, it can be difficult to share randomly
+generated password with remote hosts (eg. no shared directory),


ssh/scp work fine for me.


Yes, but you'd have to send the key every time you connect to the remote
host and every time you restart emacs.  I thought about something like
that but decided that it'd be easier to just use a single shared key.


+so you can set the key with this variable and then copy server
+file to remote host (with possible changes to IP address and/or
+port if that applies).


IIUC this only makes sense if you want to use a shared key that you keep
for a "long" time (since the intention is to reduce the frequency of
key-distribution).


Yep, that's my use-case.


Now the server keys are sent in the clear over the network, so the
security we provide is rather minimal.


In my case it's not actually an issue since I use OpenVPN to connect
to my remote host, not to say that in general this may decrease
security for some users should they choose to use it.


OT1H that means your patch should be OK since we don't really have
security anyway.  OTOH it means that it makes the security threat
more serious.


--
Best regards,                                         _     _
.o. | Liege of Serenely Enlightened Majesty of      o' \,=./ `o
..o | Computer Science,  Michal "mina86" Nazarewicz    (o o)
ooo +-----<email/xmpp: address@hidden>-----ooO--(_)--Ooo--
reply via email to
[Prev in Thread] Current Thread [Next in Thread]