Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • by btrott (654) on 2002.03.12 2:04 (#5775) Homepage
    This sounds somewhat like Penguin. I actually wrote a prototype of a new version of Penguin that uses SSH for transport and authentication. I abstracted out the subsystem SSH stuff (that SFTP uses) so that it's very easy to build systems on top of SSH--this secures the entire transport layer, and lets the system just send messages between client and server.

    It worked. I didn't really handle authorization, though--it was just standard SSH authentication. You could hack in authorization on top of the SSH identity file authorization; or you could do it at an application level.

    Let me know if you'd like to see the code (it's actually very simple).
    • Oh, hey. Didn't know you were hanging around use.perl :)

      Yes, a couple of others have mentioned Penguin as well and I've taken a look. I tried contacting the author, but haven't heard back. I didn't really expect anything - looks like it's been five years since it was last touched.

      I was actually looking at your Crypt::OpenPGP module the other day as a possible solution. I know nothing about PGP, so I was thinking of buying the ORA book on it just for that!

      Securing the transport layer wasn't somethi

      • Yes, a couple of others have mentioned Penguin as well and I've taken a look. I tried contacting the author, but haven't heard back. I didn't really expect anything - looks like it's been five years since it was last touched.

        I tried contacting him about Penguin over five years ago, and never heard back. :-)

      • Using Crypt::OpenPGP would be another option that would work quite well. That would give you more control over authentication etc, but with the same amount of security--you could encrypt each message to secure the transport, and sign it to perform authentication.

        I'll send you the code when I get access to it again, in a couple of days (at SXSW right now :).