On 1/14/08, Eli Criffield <elicriffield@xxxxxxxxx> wrote: > I hope this doesn't reopen a closed topic, I know it was left at "low > priority, but patches may be accepted". I disagree. I don't think func > should ever use SSH. SSH is a great protocols for what it does, RPC is > not it. One of the reasons to use func is the limitations of SSH. > > To use SSH as a transport you could either pipe to stdin/stdout, > create a new SSH subsystem (like sftp does), be expect like and parse > lines, or create a new SSHD deamon so you can control both ends like > you do now. Piping to stdin/stdout would lose a lot of functionality > of XMLRPC, you could only return a string from a function. Using > expect like commands is just pron to error, and isn't that what we're > trying to get away from? Creating a new SSH subsystem would probably > work OK, but it seems like a lot of work for no benefit over the > current system, and may have some limitations I'm not aware of. > Making your own SSHD would work fine, and wouldn't be that much work > if you used twisted conch libraries, but it would be a hard sell > replacing every running OpenSSH instance with your own beta SSHD. You > could run your SSHD on a different port, but then why not just run > your XMLRPC server? > > I've been using some form of SSH to manage many systems for years. I > finally decided that SSH as a transport is not suited for managing > many systems at once. When people say "cool does it do SSH" there > missing the point, they should be saying "It doesn't use use SSH, > Cool!". What is needed is a simple RPC protocol authenticated by a > signed key chain. SSL and XMLRPC fit the bill. If puppet weren't > written in Ruby I'd probably use that. > > Eli Criffield > > _______________________________________________ > Func-list mailing list > Func-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/func-list > Puppet works fine for configuration management, but, at least right now, func's primary audience is not those looking for a configuration management system. I agree about ssh ... ssh is great for remote administration but to actually manage lots of systems in a scriptable or programmable way you need something designed with that in mind. -- "An organisation that treats its programmers as morons will soon have programmers that are willing and able to act like morons only." -Bjarne Stroustrup _______________________________________________ Func-list mailing list Func-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/func-list
