Is including a built in SSH server a good idea

[bencawkwell]

I apologise beforehand, I know this is a discussion topic and probably belongs on the discord server, but I am currently too busy to follow this up, so I am creating an issue in the hope is starts a discussion among the kind people who do dedicate their time. I noticed this was a relatively new project, and felt it better to raise this now, than keep quiet.

I only came across this project 30min ago, and liked the idea a lot. However the inclusion of a built in SSH server seems very strange to me, and likely to result in all sorts of security vulnerabilities, for example: #52

If I were to guess why this was added it was because of the following two scenarios:

1. You want to create GIFS on a remote computer where things were setup already for what you wanted to record.
2. You want to setup VHS on only one computer rather than install it locally, but getting the output files locally.

My alternative solution for scenario 1 is adding the ability to stop/start recording. This way, someone can use ssh to connect to the remote at the beginning of the tabe file, start recording, then stop recording before disconnecting. The advantage here is that VHS does not need to be installed on the remote at all. Another idea is introducing some kind of pre/post hooks concept.

For scenario 2, we already have tools like scp, that should be enough to cover most use cases.

Referencing this famous quote:

Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface.

I think VHS looks really cool. But I do not think it should try and do something that other programs already do well, especially things that potentially compromise security. If users need to allow remote SSH access to a machine, they should use something proper developed for that purpose.

I am sorry for being a bit of downer on what probably seemed like a good idea at the time, I just think this particular idea is trying to solve a problem that could be handled in a more simple way.

[caarlos0]

Hey, thanks for raising these questions...

The idea of having the SSH serve is, for instance, if you want to share it with your coworkers and/or friends, and it is is optional, it only starts when you run vhs serve, and it listens on localhost only by default (to prevent accidentally exposing it).

You can customize authorized_hosts et al, and more authentication mechanisms will be added eventually.

Also worth noting that we use the Golang crypto/ssh libs, which are very well tested.

Hope that helps clarifying things a bit.

Cheers!

[maaslalani]

Totally agree @bencawkwell that this can all be done with:

1. scp-ing the .tape file onto the server.
2. ssh-ing into the server.
3. Running vhs on the tape file
4. scp-ing the .gif back to the machine

However, we wanted to make this super simple by simply allowing people to run:

ssh vhs.example.com < file.tape > demo.gif

So that they could run this command super simply and that it would be easier to setup VHS on a remote machine.

That being said the server is totally optional and you can do things with scp / ssh as well!