9front - general discussion about 9front
 help / color / mirror / Atom feed
From: "Noam Preil" <noam@pixelhero.dev>
To: <9front@9front.org>
Subject: Re: [9front] Introduction and regarding guidance
Date: Wed, 01 Jun 2022 21:54:41 -0400	[thread overview]
Message-ID: <CKF9VM8MM8DB.2SAW1H6K35QV7@pixelpc> (raw)
In-Reply-To: <cf87d038-e3c4-6d1e-d7dc-6e6f55c19960@fjrhome.net>


I looked into this a few months ago for much the same reason.

First, drawterm has to auth *to* the remote, to start the session. To do
so via secstore, it loads the auth key from secstore, discards the 
secstore file, and uses the key to auth in (then forgetting the key as
with any other).

Factotum loaded *from the remote end* then gets started, and wants the
keys from secstore. So, it logs into secstore as with any other time
you run auth/factotum in userspace.

In theory, there's a couple solutions:

* Accept the status quo. This isn't a great answer, but really there's
two things doing authentication, so why *shouldn't* it ask for the
password twice?

* Well, maybe there shouldn't be two things during authentication. If
factotum is run *by drawterm*, and that normal factotum is used for
initial auth, then there's no need to run factotum after connecting, and
the password only gets asked for once.

* Or, maybe drawterm should hold on to the factotum keys from secstore,
seed them to the factotum, and *then* forget them.

There's probably a couple options I haven't thought of. The hardest part
is to figure out *desired* behavior. Once that's known, the actual code
should be relatively straightforward.

- Noam Preil

  reply	other threads:[~2022-06-02  1:58 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-01 20:36 Deepak kr. Mahato
2022-06-01 22:43 ` ori
2022-06-02  0:27   ` Frank D. Engel, Jr.
2022-06-02  1:54     ` Noam Preil [this message]
2022-06-02  3:05       ` sirjofri
2022-06-02  3:21         ` noam
2022-06-02  4:22         ` william
2022-06-02  4:55           ` Mart Zirnask
2022-06-02  5:02           ` sirjofri
2022-06-02 14:44   ` Deepak kr. Mahato
2022-06-02 14:50     ` Stanley Lieber
2022-06-02 14:51     ` Christos Margiolis

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CKF9VM8MM8DB.2SAW1H6K35QV7@pixelpc \
    --to=noam@pixelhero.dev \
    --cc=9front@9front.org \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).