Re: [gopher] A Gopher noob and endless questions. ;-)

To: Gopher Project Discussion <gopher-project@lists.alioth.debian.org>
Subject: Re: [gopher] A Gopher noob and endless questions. ;-)
From: Mike Hebel <nimitz@nimitzbrood.com>
Date: Wed, 7 Apr 2010 10:16:46 -0500
Message-id: <[🔎] 9D7E2F08-7D6A-4D5A-8756-0C8726AC0D0D@nimitzbrood.com>
Reply-to: Gopher Project Discussion <gopher-project@lists.alioth.debian.org>
In-reply-to: <[🔎] 201004071459.o37ExYSd017698@floodgap.com>
References: <[🔎] 201004071459.o37ExYSd017698@floodgap.com>


On Apr 7, 2010, at 9:59 AM 4/7/10, Cameron Kaiser wrote:

Mike,

Hey all!  I've been fooling around with pygopherd after being
introduced to Gopherspace a while back by a friend of mine.  ( My
current server - gopher://www.terminalcore.net - NetBSD 3.0 Sparc64,
Netra T105)

It's interesting stuff and in a lot of ways eminently better than FTP
or certain other serving methods.  I like it also because it doesn't
take up a lot of horsepower.

Nice. I'll add your site to the new gophers list, and V-2 will seedoff

of that. What would you like the display string to be?

The Terminal Core is good. (That's a FLCL reference for any animefans out there.)

One thing I noticed is that there doesn't seem to be an easy way to
make a front-end authentication page if you wanted part of yourGopher
server to be secure.  (At least I didn't see a way.)
Unfortunately no, unless you wrote some custom server that required
signed credentials on each access. This would of course probablydemand
a custom client.

As I suspected. I could do it using IP blocking at the firewall orport knocking or something equally nutty but those have serious issues.

Can this be done with +ASK?  Does anybody have an example of using
+ASK that doesn't make my head hurt?
+ASK could handle the form, but the server would still have to enforce
the security. I suppose you could have a mole as a front end, but Iwouldhave to think about the potential gaps in that. Or, you could useitemtype
7, though this is a little more opaque.

So let me ask you this then - does the +ASK form have the ability topopulate a text file? If so then I just thought of something.

You could have a daemon running in the background that checks the textfile for name:passwd then fires up a server session on a particularport. The gophermap behind the ask form would have custom links foreach user. The links would only then be active if someone has loggedin via the +ASK form. Put a logoff +ASK form in the user gopherspaceand give the daemon a timeout ability to kill the special serversession and the user gopherspace would then only be available whensomeone was properly logged in.

It's a kludge and it doesn't provide password security but it wouldwork in theory. (Provided I don't have the capabilities of +

ASK wrong in my head - I'm still very fuzzy on a lot of Gopher stuff.)

Also you'd have to define a range of ports in the firewall asdedicated Gopher ports.

And, of course, Gopher over TLS or
SSL has been proposed but not ever, to my knowledge, implemented.



I'm not really looking for secure Gopher but TLS/SSL would indeed rock.

--
Mike

"All we wanna do is eat your brains! We're not unreasonable, I mean noone's gonna eat your eyes." - Re: Brains, Jonathan Coultan



_______________________________________________
Gopher-Project mailing list
Gopher-Project@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/gopher-project

Reply to:

Follow-Ups:
- Re: [gopher] A Gopher noob and endless questions. ;-)
  - From: Cameron Kaiser <spectre@floodgap.com>
- Re: [gopher] A Gopher noob and endless questions. ;-)
  - From: Kim Holviala <kim@holviala.com>

References:
- Re: [gopher] A Gopher noob and endless questions. ;-)
  - From: Cameron Kaiser <spectre@floodgap.com>

Prev by Date: Re: [gopher] Finally up and running in gopherspace
Next by Date: Re: [gopher] A Gopher noob and endless questions. ;-)
Previous by thread: Re: [gopher] A Gopher noob and endless questions. ;-)
Next by thread: Re: [gopher] A Gopher noob and endless questions. ;-)
Index(es):
- Date
- Thread