Difference between revisions of "Application:SkyNet"
Line 12: | Line 12: | ||
Add some sort of profile support; eg if I am at work connected through wifi on the corporate SSID I don't want the Pre to attempt to VPN in to get to work resources, and conversely at home I don't want to tunnel to my home network if I am already attached by wifi. | Add some sort of profile support; eg if I am at work connected through wifi on the corporate SSID I don't want the Pre to attempt to VPN in to get to work resources, and conversely at home I don't want to tunnel to my home network if I am already attached by wifi. | ||
+ | |||
+ | == Service Methods == | ||
+ | |||
+ | First we need a means of creating an ssh key-pair, and sending the public key to another device for installation there. | ||
+ | |||
+ | So an atomic service method to create a key-pair, install the private key, and return the public key is needed. The service method must not give access to the private key. | ||
+ | |||
+ | Perhaps two service methods. One to generate a key-pair, and one to return the public key. |
Revision as of 06:08, 23 May 2010
SkyNet is an application which manages the secure linking of webOS (and other) devices together over the internet.
It uses secure exchange of ssh keys, and management of restricted rsync command lines in the authorized_keys file, to allow secure, managed, authorized transfers of files between devices.
It can also be used to set up secure tunnels and VPN networks of devices using openvpn.
All actions must be carefully controlled and authorised by the user, lest it become the SkyNet of the Terminator variety ...
Discussion welcome on how we achieve this. Let's use this as a working page for architecture and design ideas. Just write them below.
Add vpnc support.
Add some sort of profile support; eg if I am at work connected through wifi on the corporate SSID I don't want the Pre to attempt to VPN in to get to work resources, and conversely at home I don't want to tunnel to my home network if I am already attached by wifi.
Service Methods
First we need a means of creating an ssh key-pair, and sending the public key to another device for installation there.
So an atomic service method to create a key-pair, install the private key, and return the public key is needed. The service method must not give access to the private key.
Perhaps two service methods. One to generate a key-pair, and one to return the public key.