[gopher] A Gopher noob and endless questions. ;-)
Mike Hebel
nimitz at nimitzbrood.com
Wed Apr 7 15:16:46 UTC 2010
On Apr 7, 2010, at 9:59 AM 4/7/10, Cameron Kaiser wrote:
> Mike,
>
>> Hey all! I've been fooling around with pygopherd after being
>> introduced to Gopherspace a while back by a friend of mine. ( My
>> current server - gopher://www.terminalcore.net - NetBSD 3.0 Sparc64,
>> Netra T105)
>>
>> It's interesting stuff and in a lot of ways eminently better than FTP
>> or certain other serving methods. I like it also because it doesn't
>> take up a lot of horsepower.
>
> Nice. I'll add your site to the new gophers list, and V-2 will seed
> off
> of that. What would you like the display string to be?
The Terminal Core is good. (That's a FLCL reference for any anime
fans out there.)
>> One thing I noticed is that there doesn't seem to be an easy way to
>> make a front-end authentication page if you wanted part of your
>> Gopher
>> server to be secure. (At least I didn't see a way.)
>
> Unfortunately no, unless you wrote some custom server that required
> signed credentials on each access. This would of course probably
> demand
> a custom client.
As I suspected. I could do it using IP blocking at the firewall or
port knocking or something equally nutty but those have serious issues.
>> Can this be done with +ASK? Does anybody have an example of using
>> +ASK that doesn't make my head hurt?
>
> +ASK could handle the form, but the server would still have to enforce
> the security. I suppose you could have a mole as a front end, but I
> would
> have to think about the potential gaps in that. Or, you could use
> itemtype
> 7, though this is a little more opaque.
So let me ask you this then - does the +ASK form have the ability to
populate a text file? If so then I just thought of something.
You could have a daemon running in the background that checks the text
file for name:passwd then fires up a server session on a particular
port. The gophermap behind the ask form would have custom links for
each user. The links would only then be active if someone has logged
in via the +ASK form. Put a logoff +ASK form in the user gopherspace
and give the daemon a timeout ability to kill the special server
session and the user gopherspace would then only be available when
someone was properly logged in.
It's a kludge and it doesn't provide password security but it would
work in theory. (Provided I don't have the capabilities of +
ASK wrong in my head - I'm still very fuzzy on a lot of Gopher stuff.)
Also you'd have to define a range of ports in the firewall as
dedicated Gopher ports.
> And, of course, Gopher over TLS or
> SSL has been proposed but not ever, to my knowledge, implemented.
I'm not really looking for secure Gopher but TLS/SSL would indeed rock.
--
Mike
"All we wanna do is eat your brains! We're not unreasonable, I mean no
one's gonna eat your eyes." - Re: Brains, Jonathan Coultan
More information about the Gopher-Project
mailing list