[erlang-questions] two questions: secure traffic and

Siraaj Khandkar <>
Sat Oct 20 06:35:29 CEST 2012


On Oct 20, 2012, at 12:18 AM, Wes James wrote:

> On Fri, Oct 19, 2012 at 10:13 PM, Siraaj Khandkar <>wrote:
> 
>> On Oct 20, 2012, at 12:02 AM, Wes James wrote:
>> 
>>> I finally have some of the functionality of:
>>> 
>>> https://github.com/comptekki/esysman
>>> 
>>> updated from just PC management to Linux and Mac.
>>> 
>>> I have some questions regarding secure traffic and running as a root
>>> process for some comands on linux/mac.
>>> 
>>> 1. How do I secure the traffic between nodes?  I tried to find the email
>>> about that the cookie was really not a security item and that the traffic
>>> is just tcp.  What is best practice to secure traffic between nodes?
>> 
>> Currently, the stable choice is a VPN tunnel between nodes on an untrusted
>> network.
>> 
>> Alternatively, if you feel like exploring new grounds, you can try
>> communicating
>> over SSH. Kenji Rikitake made the proof of concept here:
>> 
>> https://github.com/jj1bdx/sshrpc
> 
> 
> Ok thanks for these!

You're very welcome.


>>> 2. On windows, I install the service and it has admin privs to do most
>>> anything.  What would the best way be to install an erlang service that
>>> needs to do "root" work on linux/mac systems?
>> 
>> sudo
>> 
>> 
> I've always used sudo with a password, but it looks like I could set up a
> user that doesn't require a password:
> 
> http://www.ducea.com/2006/06/18/linux-tips-password-usage-in-sudo-passwd-nopasswd/
> 
> Is there a different way?  Since when the app would sudo command remotely,
> it would ask for a password where there's no way to type it in.

As long as you have "NOPASSWD:" option configured, it should work just as well
over SSH as it does at a console. I do it all the time.


-- 
Siraaj Khandkar
.o.
..o
ooo




More information about the erlang-questions mailing list