Posted on | January 26, 2008 | No Comments
From my e-mail to gnupanel-devel:
For inclusion with GNUPanel, I have finished and released SRCE 1.0.7. For those of you who don’t know what SRCE is, here’s a synopsis: SRCE stands for (S)ecure (R)emote (C)ommand (E)xecution, however it does much more. SRCE is a non-blocking microkernel style cluster of services that revolves around a very small authentication daemon.
SRCE also means “Heart” in Croatian. This was an accident, but a neat one srced, the authentication daemon uses statically linked blowfish encryption (beecrypt) from a modified library to maintain a very small disk and memory footprint. It uses a double-random authentication handshake to establish the blowfish hash and authenticate to establish a session, based on a key containing 29 (up to 1024) 128 bit ciphers. Random salts for both coming in the future. Incidentally, the key is identical to the format used by C-Panel’s remote API This allows GNUPanel to also manage C-Panel servers, allowing our users the desired single point of control in the future, such as creating and removing accounts. Once a client successfully authenticates, it can issue remote calls and fetch stdout/err from those calls locally, get files from the server or transfer files to the server. A reboot mechanism is also provided, srced doesn’t fork or thread and remains alive when almost everything else dies during a tailspin due to its size and conservative allocation. All characteristics of functionality can be disabled server side, e.g. not allowing file transfers, rpc calls or reboots. It was designed to be used as a ‘microkernel style’ cluster of reliable services inside of the Linux monolith for reliability, small size and portability (uses most of its own socket libs and tcp wrappers). SRCE is ideal whenever a lightweight, secure interconnect is needed and a public key is not practical or SSH is too big. It is in use on many appliances in Asia (videoke/karaoke media fetching) as well as many servers in the web hosting industry. I’m hoping to get some beta testers who have access to 64 bit machines. The 5 that I have are running 32 bit PAE kernels and can’t be disturbed. Source is here: http://echoreply.us/hg/srce.hg For the Mercurial impaired: http://echoreply.us/tgz-snaps/ ./configure && make (be root) make install make help gives other options.
Thos of you using SRCE should probably upgrade. Its been downloaded over 15,000 times and in use on many appliances and web hosting servers, no security issues have been reported. However, we always enjoy that warm-and-fuzzy feeling from running the latest and greatest, so upgrade …. you lazy clods! Check out ‘make clone’ or ‘make help’, I made it easy.
The one platform I don’t have available for testing is x86_64, any feedback is appreciated firstname.lastname@example.org.
SRCE is free software (GPL3), enjoy it