Re: Guix and remote trust

From: zimoun
Subject: Re: Guix and remote trust
Date: Fri, 13 Dec 2019 12:05:58 +0100

Hi Pierre,

Sorry if I am dumb but I do not understand what your use-case is and
what you are trying to achieve.

I imagine... so maybe I am totally out of your scope.

Let's consider Alice and Bob and 2 machines: aneto and balaitou.
Alice runs aneto, it is her local machine.
And she has SSH access to balaitou. And say this access is non-root,
only Bob has root access on balaitou.

Your question is: how can Alice be sure that she runs the same
binaries on aneto and balaitou? In other words, how can she detect that
balaitou has been compromised?
Is that your use-case?

If yes, Alice can:

 1. check the integrity on the balaitou machine by running "guix gc --verify"
 2. publish the store of aneto with "guix publish"
 3. challenge the store of balaitou against the store of aneto with
"guix challenge"

Does that not fit your use-case?
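
The three steps listed above, combined into one script as an added example that is not part of the original message. The port 8080, the SSH reverse tunnel, the `=contents` option and the function names are assumptions; the sample output is constructed and follows the report format shown in the Guix manual.

```shell
#!/bin/sh
# Added example, not from the original message. "aneto" is the local machine,
# the remote host is passed as an argument (e.g. balaitou).

# Print the store paths that `guix challenge` output (read on stdin)
# reports as differing between the two stores.
differing_items() {
    sed -n 's|^\(/gnu/store/[^ ]*\) contents differ:$|\1|p'
}

# Run the three steps. Returns 0 if no item differs, 1 if some differ,
# 2 if the remote commands failed without reporting a difference.
challenge_remote() {
    remote=$1; port=${2:-8080}
    # Step 2: serve the local store over HTTP (guix publish needs the
    # signing key created beforehand with `guix archive --generate-key`).
    guix publish --port="$port" >/dev/null 2>&1 &
    publish_pid=$!
    sleep 2   # give the server time to start listening
    # Steps 1 and 3 run on the remote host. `-R` exposes the local publish
    # server there as localhost:$port, so no inbound port has to be opened.
    # `--verify=contents` also re-hashes every store item.
    report=$(ssh -R "$port:localhost:$port" "$remote" \
        "guix gc --verify=contents && \
         guix challenge --substitute-urls=http://localhost:$port" 2>&1)
    status=$?
    kill "$publish_pid" 2>/dev/null
    bad=$(printf '%s\n' "$report" | differing_items)
    if [ -n "$bad" ]; then
        # Store paths contain no spaces, so word splitting is safe here.
        printf 'differs from local store: %s\n' $bad >&2
        return 1
    fi
    [ "$status" -eq 0 ] || { printf '%s\n' "$report" >&2; return 2; }
    return 0
}

# Constructed sample of a challenge report; hashes are placeholders.
SAMPLE='/gnu/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-hello-2.10 contents differ:
  local hash: PLACEHOLDER-HASH-1
  http://localhost:8080/nar/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-hello-2.10: PLACEHOLDER-HASH-2'
printf '%s\n' "$SAMPLE" | differing_items
```

Call `challenge_remote balaitou` from aneto to run the comparison. Items that cannot be rebuilt bit-for-bit will also be reported as differing, so a mismatch needs inspection before it is read as a compromise.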


