Re: Guix and remote trust

help-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Guix and remote trust

From:	zimoun
Subject:	Re: Guix and remote trust
Date:	Fri, 13 Dec 2019 12:05:58 +0100

Hi Pierre,

Sorry if I am dumb but I do not understand what is your use-case and
what you try to achieve.

I imagine... so maybe I am totally out of your scope.

Let consider Alice and Bob and 2 machines: aneto and balaitou.
Alice runs aneto, it is her local machine.
And she has an SSH access to balitou. And say this access is non-root,
only Bob has root access on balaitou.

Your question is: how can Alice be sure that she runs the same
binaries on aneto and balaitou? other said how can she detect baloitou
has been compromised?
Is it your use-case?

If yes, Alice can :

 1. check the integrity on the balaitou machine by running "guix gc --verify"
 2. publish the store of aneto with "guix publish"
 3. challenge the store of balaitou against the store of aneto with
"guix challenge"

Does not fit your use-case?


Cheers,
simon

[Prev in Thread]

Current Thread

[Next in Thread]

Guix and remote trust, Pierre Neidhardt, 2019/12/12
- Re: Guix and remote trust, Christopher Baines, 2019/12/12
  - Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
    - Re: Guix and remote trust, zimoun <=
    - Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
    - Re: Guix and remote trust, zimoun, 2019/12/13
    - Re: Guix and remote trust, Josh Marshall, 2019/12/13
    - Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
    - Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
    - Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
    - Re: Guix and remote trust, zimoun, 2019/12/13

Prev by Date: Re: Guix and remote trust
Next by Date: Re: Guix and remote trust
Previous by thread: Re: Guix and remote trust
Next by thread: Re: Guix and remote trust
Index(es):
- Date
- Thread