[zeromq-dev] OpenSSH replacement with zeromq

alex. thissideup at riseup.net
Tue Dec 20 12:20:51 CET 2016


Indeed, talking to groups of servers + discovery would be the features
I'd want in an OpenSSH replacement.

For crypto, do go for the (native) CurveZMQ route, as in the end it
boils down to placing the public key of your machine on the servers. The
CurveZMQ (and the CurveCP project from which it is basically forked off)
are very neat crypto protocols and, when used correctly, gives pretty
good security.

Also check up on Salt[1], as it can already basically be used as a
distributed OpenSSH replacement.

[1]: https://docs.saltstack.com/en/latest/

On 20.12.2016 12:08, Kevin Sapper wrote:
> I like it! 
> 
> Though I would not drop the zyre dependency as sending commands to a
> group of servers and discovery are neat features for a ssh system IMO.
> 
> //Kevin
> 
> On Di, Dez 20, 2016 at 11:27 , Luca Boccassi <luca.boccassi at gmail.com>
> wrote:
>> On Tue, 2016-12-20 at 10:31 +0100, Benjamin Henrion wrote:
>>
>>     Hi, Last year I worked with Pieter on the glard, a zyre daemon to
>>     send commands to multiple devices on the LAN. We made a demo kit
>>     with multiple openwrt routers with some bike lamps to show the
>>     concept: https://github.com/CodeJockey/glar150 Now my idea was to
>>     fork the tool and make it a simple OpenSSH replacement. I don't
>>     know how it easy it is to add encryption keys. We could also think
>>     about removing the GPIO LEDs and Zyre support in Glard and treat
>>     it as a simple remote command executor. What do you think? 
>>
>> Sounds like an interesting hackaton project! :-) For encryption,
>> adding support for curve would probably be the safest and simplest
>> thing I guess? For zgossip based setups at least, as zbeacon is pure
>> UDP Kind regards, Luca Boccassi
>> _______________________________________________ zeromq-dev mailing
>> list zeromq-dev at lists.zeromq.org <mailto:zeromq-dev at lists.zeromq.org>
>> https://lists.zeromq.org/mailman/listinfo/zeromq-dev
> 
> 
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> https://lists.zeromq.org/mailman/listinfo/zeromq-dev
> 



More information about the zeromq-dev mailing list