From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce.mM37f48b8734998f5a42ba5afc.r522be890-2105-11eb-b15e-8d699134e1fa@9fans.bounce.topicbox.com>
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	RCVD_IN_ZEN_BLOCKED_OPENDNS,URIBL_DBL_BLOCKED_OPENDNS,
	URIBL_ZEN_BLOCKED_OPENDNS autolearn=ham autolearn_force=no
	version=3.4.4
Received: from txout-a3-smtp.messagingengine.com (txout-a3-smtp.messagingengine.com [103.168.172.226])
	by inbox.vuxu.org (Postfix) with ESMTP id E9FD225801
	for <ml@inbox.vuxu.org>; Tue, 30 Dec 2025 19:22:12 +0100 (CET)
Received: from localhost.localdomain (phl-topicbox-01.internal [10.202.2.219])
	by mailtxout.phl.internal (Postfix) with ESMTP id 0E8021C0119
	for <ml@inbox.vuxu.org>; Tue, 30 Dec 2025 13:22:11 -0500 (EST)
ARC-Authentication-Results: i=2; topicbox.com; arc=pass; dkim=pass (1024-bit rsa key
 sha256) header.d=weaselfish.com header.i=@weaselfish.com header.b=ppBurjeL
 header.a=rsa-sha256 header.s=mail x-bits=1024; dmarc=pass
 policy.published-domain-policy=none policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,d=none,d.eval=none)
 policy.policy-from=p header.from=weaselfish.com; spf=pass
 smtp.mailfrom=dworkin@weaselfish.com smtp.helo=mail.weaselfish.com;
 x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message
 has been altered)) (Message modified while forwarding at Topicbox)
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=
	topicbox.com; h=date:message-id:to:subject:from:in-reply-to
	:references:mime-version:content-type:content-transfer-encoding
	:list-help:list-id:list-post:list-subscribe:reply-to
	:list-unsubscribe; s=sysmsg-1; t=1767118931; bh=wXA+6pCYgFoGvDbo
	0fwGmd3UPZJyJeI7NjJAjQsIEW0=; b=Kq9Vb3Ls0WEjTHRU26eDepZfCrQXD1oq
	j3x/5lHZy576fpJ/NPRgywi29IPQ/ubCJQYuXJ4ib6BbxVz58YKoEPs3zZzKmgk3
	pW7NEuG08XF9hJm3B9E5QPKvoYLF+EjJEsbbBQsICfOkxj77opmWtsUdIVjhEPzY
	ZEPio3u1c1w=
ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t=
	1767118931; b=sAztbKWDpLg8eNHyh5YOtYZYB9baKl46D9FHqLI8JYM2ky2tDu
	sJz4myrkSIw85zVgHQz0E4/ycK2wxCYNgqFc2Iknzi+7b8hV/PO03MK10mQgww2k
	HP/I8glAnnWRJALEq28g6R8PrcnLdbnQs+DlKjMnVSeUckbguf/QaoKtI=
Authentication-Results: topicbox.com; arc=pass; dkim=pass (1024-bit rsa key
 sha256) header.d=weaselfish.com header.i=@weaselfish.com header.b=ppBurjeL
 header.a=rsa-sha256 header.s=mail x-bits=1024; dmarc=pass
 policy.published-domain-policy=none policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,d=none,d.eval=none)
 policy.policy-from=p header.from=weaselfish.com; spf=pass
 smtp.mailfrom=dworkin@weaselfish.com smtp.helo=mail.weaselfish.com;
 x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message
 has been altered)) (Message modified while forwarding at Topicbox)
X-Received-Authentication-Results: authmilter.topicbox.com; arc=none (no
 signatures found); bimi=skipped (DMARC Policy is not at enforcement);
 dkim=pass (1024-bit rsa key sha256) header.d=weaselfish.com
 header.i=@weaselfish.com header.b=ppBurjeL header.a=rsa-sha256 header.s=mail
 x-bits=1024; dmarc=pass policy.published-domain-policy=none
 policy.applied-disposition=none policy.evaluated-disposition=none
 (p=none,d=none,d.eval=none) policy.policy-from=p header.from=weaselfish.com;
 iprev=pass smtp.remote-ip=71.216.54.171 (mail.weaselfish.com); spf=pass
 smtp.mailfrom=dworkin@weaselfish.com smtp.helo=mail.weaselfish.com;
 x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass
 smtp.helo=mail.weaselfish.com policy.ptr=mail.weaselfish.com;
 x-return-mx=pass header.domain=weaselfish.com policy.is_org=yes (MX Records
 found: mail.weaselfish.com); x-return-mx=pass smtp.domain=weaselfish.com
 policy.is_org=yes (MX Records found: mail.weaselfish.com); x-tls=pass
 smtp.version=TLSv1.3 smtp.cipher=TLS_AES_256_GCM_SHA384 smtp.bits=256/256;
 x-vs=clean score=15 state=0
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=9fans.net; h=date
	:message-id:to:subject:from:in-reply-to:references:mime-version
	:content-type:content-transfer-encoding:list-help:list-id
	:list-post:list-subscribe:reply-to:list-unsubscribe; s=dkim-1;
	 t=1767118931; x=1767205331; bh=4Pm2YTNhYMUxSW3FBaOfSk9+avD4RzyA
	s5lwkvj9cbw=; b=OO0vWr7b9M+p2OxzzNrTcLAInc8Mkxy166b/DhOybh/zkCtu
	xuYUa/WdeMrJ941dQ/4m311Or330ts7Yvw4F8640VPaNBA2BMkIuoyZxbOkZwZdh
	obLb/Q4pX6iWy3ytVwu57kX/r6S7a9g760J1rFfdbfPk85GsVq9P3MIxU7g=
Received: from authmilter.topicbox.com (unknown [172.17.0.1])
	by mx.topicbox.com (Postfix) with ESMTP id 56D224D80027
	for <9fans@9fans.net>; Tue, 30 Dec 2025 12:56:51 -0500 (EST)
Received: from mx.topicbox.com (172.17.0.1 [172.17.0.1])
    by authmilter.topicbox.com (Authentication Milter) with ESMTP
    id A7BFD527977;
    Tue, 30 Dec 2025 12:56:51 -0500
ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t=
    1767117411; b=aWf5fsaIbZmUNcwWIeJXM+iO7d0F1D7yWfThL70+apxDm6b6fF
    BZ1tlB5v4uRDU9eaEKLVxdsfcJ8nArtly/PaYN2ZDkYBMS+Nfnx5phamQ9yJFjJC
    DcuYzVrLAtPAxFFnRX1gypxjUMY8nJ+NT4OLxmsJTzgB3MH/sDwfn84rQ0t1DO02
    Vpdu6XnH30GD+HCgcQNRtxATn7TiRacgTp1foUysSb6lWeNK9KiKUHgEvpJc8Bk6
    C/SUJ/4ziel5jaKKu0szI9tkvMIlY1u0wKfdiQXYcYwB2Kypo3eVz/LkpDjm9sfq
    Cf01aD08cZmgd59zmCwPRUCHPbipL6HOUrEg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=
    topicbox.com; h=date:message-id:to:subject:from:in-reply-to
    :references:mime-version:content-type:content-transfer-encoding;
    s=arcseal; t=1767117411; bh=kQvNqk1gd7DBym6xL+Z+9TyqBq0hraFk/ZI
    4ldiBNT8=; b=Mr3ur//7l72Z3396QwCv6edTv1iNeHNVLADp3wceitZjtCe3Pk7
    p+VIhwPk6s1ys0BlmnuTjb0bMjQ03T31sIHmTPvfI3ly5xWjPqv+Fd9y4qb70q5y
    gHNq63Rqa7XiBqBOVM5pw0Eh4kNr1nyKI4MHCY/QjvPqWlxdxYXw8u/3SF8uGGcg
    4+yzp9L0OcPLDaTRK6FtcU7lP8C0QClpO2wC2/pnIRTNjvNkYf94NMNGLlh6xwmu
    mB0DstRS5jxF41h+A3WNmIMWXG6emWoJWc5LWgwl6lDMP9aEqi98IdTypKnXyy7t
    omDgkU904CtUZNCeoh3SSqhiZuL+cRs5/Yg==
ARC-Authentication-Results: i=1; authmilter.topicbox.com;
    arc=none (no signatures found);
    bimi=skipped (DMARC Policy is not at enforcement);
    dkim=pass (1024-bit rsa key sha256) header.d=weaselfish.com
    header.i=@weaselfish.com header.b=ppBurjeL header.a=rsa-sha256
    header.s=mail x-bits=1024;
    dmarc=pass policy.published-domain-policy=none
    policy.applied-disposition=none policy.evaluated-disposition=none
    (p=none,d=none,d.eval=none) policy.policy-from=p
    header.from=weaselfish.com;
    iprev=pass smtp.remote-ip=71.216.54.171 (mail.weaselfish.com);
    spf=pass smtp.mailfrom=dworkin@weaselfish.com
    smtp.helo=mail.weaselfish.com;
    x-aligned-from=pass (Address match);
    x-me-sender=none;
    x-ptr=pass smtp.helo=mail.weaselfish.com policy.ptr=mail.weaselfish.com;
    x-return-mx=pass header.domain=weaselfish.com policy.is_org=yes
    (MX Records found: mail.weaselfish.com);
    x-return-mx=pass smtp.domain=weaselfish.com policy.is_org=yes
    (MX Records found: mail.weaselfish.com);
    x-tls=pass smtp.version=TLSv1.3 smtp.cipher=TLS_AES_256_GCM_SHA384
    smtp.bits=256/256;
    x-vs=clean score=15 state=0
X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgeefgedrtddtgdektdeikecutefuodetggdotefrod
    ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp
    uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecufghrlhcuvffnffculd
    duhedmnecujfgurhepfffkvffuhfgjfhhoofggtgfgsehtjeertdertddvnecuhfhrohhm
    pefffihorhhkihhnucfouhhllhgvrhcuoegufihorhhkihhnseifvggrshgvlhhfihhshh
    drtghomheqnecuggftrfgrthhtvghrnhepueettdduvdfhhfegveeivdfffeevtdffudej
    vddtvdefgfelkefgkeetgeetteejnecukfhppeejuddrvdduiedrheegrddujedunecuve
    hluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepjedurddvudeirdehgedr
    udejuddphhgvlhhopehmrghilhdrfigvrghsvghlfhhishhhrdgtohhmpdhmrghilhhfrh
    homhepoegufihorhhkihhnseifvggrshgvlhhfihhshhdrtghomheqpdhnsggprhgtphht
    thhopedupdhrtghpthhtohepoeelfhgrnhhsseelfhgrnhhsrdhnvghtqe
X-ME-VSScore: 15
X-ME-VSCategory: clean
Received-SPF: pass
    (weaselfish.com: 71.216.54.171 is authorized to use 'dworkin@weaselfish.com' in 'mfrom' identity (mechanism 'a:mail.weaselfish.com' matched))
    receiver=authmilter.topicbox.com;
    identity=mailfrom;
    envelope-from="dworkin@weaselfish.com";
    helo=mail.weaselfish.com;
    client-ip=71.216.54.171
Received: from mail.weaselfish.com (mail.weaselfish.com [71.216.54.171])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by mx.topicbox.com (Postfix) with ESMTPS
	for <9fans@9fans.net>; Tue, 30 Dec 2025 12:56:50 -0500 (EST)
Received: from localhost (harrowhark.dworkin.village.org [10.1.1.32])
	by mail.weaselfish.com (OpenSMTPD) with ESMTPSA id 0a446c0a (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO);
	Tue, 30 Dec 2025 10:56:49 -0700 (MST)
Date: Tue, 30 Dec 2025 10:56:43 -0700 (MST)
Message-Id: <20251230.105643.1185666151293172501.dworkin@weaselfish.com>
To: 9fans@9fans.net, david@arroyo.cc
Subject: Re: [9fans] Solo factotum
From: Dworkin Muller <dworkin@weaselfish.com>
In-Reply-To: <1076b151-30f7-42e9-ba16-be8ddefc64c6@app.fastmail.com>
References: <760adea1-7ed3-4c91-a320-8e54267cb01c@app.fastmail.com>
	<e70fea20-3ed8-4180-a974-629509e7243d@sirjofri.de>
	<1076b151-30f7-42e9-ba16-be8ddefc64c6@app.fastmail.com>
Organization: Weaselfish Consulting
X-Mailer: Mew version 6.7 on Emacs 23.2 / Mule 6.0 (HANACHIRUSATO)
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Topicbox-Policy-Reasoning: moderate: reply to existing message
Topicbox-Message-UUID: ebda6486-e5a8-11f0-86a7-aaf46bc11ef0
Archived-At: =?UTF-8?B?PGh0dHBzOi8vOWZhbnMudG9waWNib3guY29tL2dyb3Vwcy85?=
 =?UTF-8?B?ZmFucy9UYTYwNzUyNjYzZmYwODQ0OC1NMzdmNDhiODczNDk5OGY1YTQyYmE1?=
 =?UTF-8?B?YWZjPg==?=
List-Help: <https://9fans.topicbox.com/groups/9fans>
List-Id: "9fans" <9fans.9fans.net>
List-Post: <mailto:9fans@9fans.net>
List-Software: Topicbox v0
List-Subscribe: <https://9fans.topicbox.com/groups/9fans>
Precedence: list
Reply-To: 9fans <9fans@9fans.net>
List-Unsubscribe: <https://9fans.topicbox.com/groups/9fans>,
 <mailto:9fans+unsubscribe@9fans.net?subject=x-tx-unsubscribe:2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:M37f48b8734998f5a42ba5afc:0:dFIpN5ztHzzpBSgY8LHp163Dfbp6WPk3jwitLA6iVPM>
Topicbox-Delivery-ID:
 2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:M37f48b8734998f5a42ba5afc:0:7VeXG_PQdxINxYANAt1yIGzQ6bSdIST_Sncjud3k4s0

On Tue, 30 Dec 2025 01:28:51 -0500, "David Arroyo" <david@arroyo.cc> wrote:
david> On Mon, Dec 29, 2025, at 09:40, sirjofri via 9fans wrote:
david> > For the factotum key, another complex issue could be that factotum
david> > needs access to the network interface for auth stuff. I was thinki=
ng
david>=20
david> I had not thought about that. I will probably start with the protoco=
ls
david> which can be completed offline, such as ssh. For protocols which need
david> the auth server to validate the peer's key, I'm not sure. Perhaps the

Alternatively, just set it up as a secret store, like is done with
terminals.  Not quite as elegant/cool, but perhaps more practical.

Dworkin

------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/Ta60752663ff08448-M37f48=
b8734998f5a42ba5afc
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription