[clug] authenticated RPC (linux Digest, Vol 141, Issue 8, Message 1)

Miles Goodhew mgoodhew at gmail.com
Wed Sep 10 15:25:52 MDT 2014 

Jeff,
  I'd use the Duplo approach: an OpenVPN tunnel (auth+crypt) and an
interface-limited protocol that runs over it.

M0les.

> Date: Wed, 10 Sep 2014 14:38:51 +1000
> From: jm <jeffm at ghostgun.com>
> Message-ID: <540FD5DB.7080006 at ghostgun.com
>
> Are there any RPC protocols out there that have
> authentication/aothorisation built in? It seem to have been over looked
> in every one I've looked at. I'm using python to write some middle ware
> to sit between a django front end on one server and a privileged service
> on another, exposing a limited set of functionality. While I'll be
> locking it down to only one or two IP addresses I'd still prefer to have
> the extra level of protection of authentication. Not just as a mean of
> defence in depth, but also to stop other things on the front end server
> from having access or to change what functionality is available
> depending on the user.
>
> Jeff.
>
>
>
> !DSPAM:540fd5dd12416598930770!
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 10 Sep 2014 15:33:45 +1000
> From: Scott Ferguson <scott.ferguson.clug at gmail.com>
> To: linux at lists.samba.org
> Subject: Re: [clug] authenticated  RPC
> Message-ID: <540FE2B9.1050406 at gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> On 10/09/14 14:38, jm wrote:
> > Are there any RPC protocols out there that have
> > authentication/aothorisation built in? It seem to have been over looked
> > in every one I've looked at.
>
> Quick Google gives:-
> IBM
>
http://www-01.ibm.com/support/knowledgecenter/ssw_aix_61/com.ibm.aix.progcomc/rpc_auth.htm
> Oracle Secure RPC
> http://docs.oracle.com/cd/E23823_01/html/816-4557/auth-2.html
> Google RPCAuth
> Microsoft has one too.
>
>
> >  I'm using python to write some middle ware
> > to sit between a django front end on one server and a privileged service
> > on another, exposing a limited set of functionality. While I'll be
> > locking it down to only one or two IP addresses I'd still prefer to have
> > the extra level of protection of authentication. Not just as a mean of
> > defence in depth, but also to stop other things on the front end server
> > from having access or to change what functionality is available
> > depending on the user.
> >
> > Jeff.
> >
> >
> >
> > !DSPAM:540fd5dd12416598930770!
> >
> >
>
>
> HTH
>
> Kind regards
>
>
>
> ------------------------------
>
> _______________________________________________
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
>
>
> End of linux Digest, Vol 141, Issue 8
> *************************************

More information about the linux mailing list