Sun Jun 8 10:51:03 CEST 2008

my problem with passwords

I'd like to use a single authentication method. Basically, this is ssh
+ key manager. The problem i run into is that anything that runs on TCP
needs its own authentication + encryption mechanism. I much more
prefer the combination of unix sockets (which have unix user level
protection) + ssh tunnels (as point-to-point between hosts).

An ideal solution seems to be to have a mzscheme instance running on
each host, with point-to-point links to all other hosts. Then
interface this to a virtual filesystem + web server. This is the most
generic interface to most applications..

The problem with this however is its non-portability. If i write
something like this, i'd like to run it on windows too.. So is SSL the
only option?

Maybe OpenVPN is the solution. However, it gives only machine level
security. Maybe i should stick with machine level sec and use unix
virtual machines? The only problem to solve then is local storage
access: each VM needs some access to host based storage, so the image
itself can be kept small.

What's the smallest operating system mzscheme runs under? That has to
be linux. What about using linux-2.4 for this? The problem with
running this on windows is that there's no such thing as kqemu, so
vmware might be necessary.

No, this is overkill. PLT Scheme has enough operating system abilities
to not need such a virtualization layer. The only thing really is to
connect multiple instances in a secure way, and forget about wanting
to do this with ssh.