This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Is including a built in SSH server a good idea #63
Comments
{{ message }}
You can continue the conversation there. Go to discussion →
I apologise beforehand, I know this is a discussion topic and probably belongs on the discord server, but I am currently too busy to follow this up, so I am creating an issue in the hope is starts a discussion among the kind people who do dedicate their time. I noticed this was a relatively new project, and felt it better to raise this now, than keep quiet.
I only came across this project 30min ago, and liked the idea a lot. However the inclusion of a built in SSH server seems very strange to me, and likely to result in all sorts of security vulnerabilities, for example: #52
If I were to guess why this was added it was because of the following two scenarios:
My alternative solution for scenario 1 is adding the ability to stop/start recording. This way, someone can use
sshto connect to the remote at the beginning of thetabefile, start recording, then stop recording before disconnecting. The advantage here is that VHS does not need to be installed on the remote at all. Another idea is introducing some kind of pre/post hooks concept.For scenario 2, we already have tools like
scp, that should be enough to cover most use cases.Referencing this famous quote:
I think VHS looks really cool. But I do not think it should try and do something that other programs already do well, especially things that potentially compromise security. If users need to allow remote SSH access to a machine, they should use something proper developed for that purpose.
I am sorry for being a bit of downer on what probably seemed like a good idea at the time, I just think this particular idea is trying to solve a problem that could be handled in a more simple way.
The text was updated successfully, but these errors were encountered: