On 21-01-2025 15:34, Cristian Rodríguez wrote:
On Tue, Jan 21, 2025 at 6:05 AM Erik Slagter <erik@xxxxxxxxxxxx> wrote:
So now we have wavered all responsibilities. Is it possible or is it not
possible? Dbus-broker listening on tcp? If it's not possible, my
question is answered and I can go move on.
Come on..if you do that just configure stunnel to do what you want
with PSK auth. it supports all sorts of sockets and provides you with
the minimal security you need.
Please note, as I find out yesterday: remote access to a dbus can work
using socat, probably using stunnel as well. Stunnel would add the
advantage of encryption BUT it doesn't help for authentication.
Apparently the authentication of dbus itself also "works" remotely. It
appears the authentication cookie sent by the remote client can only be
validated (and accepted) when the user id is equal between the remote
client and socat (or stunnel) running locally. Still not as secure as a
local dbus, but it's not that just everyone can connect.
