From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <8977c47617d8e422a0d383a4c2a311dd@quintile.net> From: "Steve Simon" Date: Tue, 3 Apr 2007 12:18:00 +0100 To: 9fans@cse.psu.edu MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: [9fans] inferno/pop secrets Topicbox-Message-UUID: 3ca6adee-ead2-11e9-9d60-3106f5b1d025 Hi, I understand how p9sk1 auth works but have never quite understood how the inforno/pop password is distributed - this is used for quite a few protocols plan9 serves - imap, pop, vnc (server) inferno, httpd etc. It seems to me that all these servers would need to run in the namespace of auth/keyfs so they can read /mnt/keys/$user/secret to run their auth. If these servers are to run on a seperate cpu server rather than the auth server itself then this namespace must be securly exported - how is this done? This piece of the jigsaw doesn't fit in my brain. -Steve