public inbox for gentoo-user@lists.gentoo.org
From: "Boyd Stephen Smith Jr." <bss03@volumehost.net>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Hosted server as distcc machine
Date: Fri, 24 Mar 2006 23:03:38 -0600
Message-ID: <200603242303.38223.bss03@volumehost.net>
In-Reply-To: <49bf44f10603241125v51c63dbobb4b25058cdf7a52@mail.gmail.com>

On Friday 24 March 2006 13:25, Grant <emailgrant@gmail.com> wrote about 
'Re: [gentoo-user] Hosted server as distcc machine':
> > > > It's probably better to use distcc over ssh, using an ssh-agent
> > > > and PKI authentication.
> > > How would ssh and PKI be set up in
> > > the workflow?  It isn't mentioned here:
> > > http://www.gentoo.org/doc/en/distcc.xml
> >
> > 1) On the server, set up the shell account that will use distcc via
> > ssh.
> > 2) On the client, generate the private key for that account and 
> > use ssh-copy-id to give the server the public key.
> > 3) On the server, if possible, disable password logins to force the
> > use of the private key for that user.
> > 4) On the client, add a line like shell_account@server to your
> > distcc_hosts.
> > 5) Prior to invoking distcc on the client, start 
> > an ssh-agent (I prefer the keychain "meta-"agent.) and optionally add
> > your private key to the agent. (If you don't start an agent, each
> > compile that goes to an ssh host will ask for a password -- very
> > troublesome with parallel make; If you don't add your private key to
> > the agent, you'll get prompted for the passphrase the first time you
> > need a key -- still moderately troublesome.)
> >
> > There is no need to run distccd on the server at all.  You /will/ need
> > sshd.
>
> It sounds like this would make the remote
> distcc idea as secure as ssh and I won't have to worry about the fact
> that distcc wasn't built with security in mind.  Is that right?

Yes.  Since you aren't running the distccd server, its lack of security is 
not a concern for you.  You'll be depending on the security of ssh.  While 
not completely spotless (e.g. the zlib vulnerability bit openssh) it was, 
at least, designed with security in mind.

> Also, 
> I'm the only user on all of my systems so it would be OK to use plain
> ssh without PKI right?

Unfortunately, no.  Not because it's less secure (though, it might be 
depending on the strength of your passwords vs passphrases), but because 
there's no such thing (AFAIK) as an ssh-password-agent.  This means that 
each compile job has to ask you for the password -- that's not gonna be 
real useful, most likely.  See the parenthetical notes at the end of step 
5.

-- 
"If there's one thing we've established over the years,
it's that the vast majority of our users don't have the slightest
clue what's best for them in terms of package stability."
-- Gentoo Developer Ciaran McCreesh
-- 
gentoo-user@gentoo.org mailing list
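
A pre-flight check for the setup described in this message, added here as an example and not part of the original thread: it confirms that every remote entry in the distcc host list goes over ssh, so nothing is sent to a plain-TCP distccd, and that the agent from step 5 holds a key. The function names and the sample host list are constructed; the host-list forms are assumed from distcc(1).

```shell
#!/bin/sh
# Added example (not from the thread): pre-flight checks for distcc over ssh.
# Host-list forms assumed from distcc(1): "localhost" (compile locally),
# "HOST[:PORT][/LIMIT][,OPTS]" (plain TCP to a distccd daemon),
# "[USER]@HOST[...]" (run over ssh), and "--flags" such as --randomize.

# Print each entry that would talk to distccd over plain TCP.
# Exit status is 0 only when no such entry exists.
audit_distcc_hosts() (
    set -f                      # no globbing while word-splitting the list
    bad=0
    for entry in $1; do
        case $entry in
            --*|localhost|localhost/*) ;;   # global option or local compile
            *@*) ;;                         # ssh transport, authenticated by sshd
            *)  echo "plain-tcp: $entry"; bad=1 ;;
        esac
    done
    [ "$bad" -eq 0 ]
)

# Step 5 check: ssh-add -l exits 0 only when the agent holds a key
# (1 = agent running but empty, 2 = no agent reachable).
agent_has_key() { ssh-add -l >/dev/null 2>&1; }

# Constructed sample list: one ssh entry, one leftover TCP entry.
sample="localhost shell_account@server/4 192.0.2.10/8,lzo"
audit_distcc_hosts "$sample" || echo "fix the entries above before building"
```

Run audit_distcc_hosts on the real host list and agent_has_key before a parallel build, so a stray TCP entry or an empty agent is caught before the compile jobs start.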


