How does it work?
The security is file based as everything in Executor. If the security
is on, the job descriptions that you submit are signed (gpg --clearsign)
and the host that tries to execute a job description will verify that
the signature is valid (gpg --verify). A valid signature means that the
host has the public key of the signer.
Do I need it?
No, if you are running Executor in a controlled environment
where you are the only user of your computers, or: the only user of
a given user account under which you run Executor. Otherwise probably yes.
Think about it: Executor runs as "you". You will want to copy files from
one computer to another, delete files or execute tasks. You not want
your neighbour to copy/delete your files.
But a statement like "without security anybody can access my computer" is
wrong. Executor is based on shared/synced directories. Only people/computers
that can write in those shared directories can operate Executor. The
security is an extra layer to implement a policy "even if we share a drive,
I shall not let you see my home directory"."
How do I use it?
You need the (i) gpg program,
then (ii) you'll create a key pair, then
(iii) you'll share your public key among the hosts
where you want to execute your programs.
(i) The gpg (Gnu Pretty Good Privacy) is available for
most platforms. If you are using Linux, you probably have it already.
For Windows, please install http://www.gpg4win.org/, and for OSX
The command that we use for Linux is simply "gpg". Windows and MacOSX
packages seem to install a shortcut that has the same name, so the
comand is the same for all the platforms.
(ii) You can create a private/public key pair by a GUI
in Linux/Windows/OSX, but for the sake of simplicity, here's the
We assume below that we create here a key for person "Executor Demo".
(iii) The goal is to get someone (Executor in another
computer) to recognize you as a signer of a job description. The
method is to add your public key in their "keychain" i.e. the list
of trusted keys. We do this by extracting the key here and then adding
in the other computer:
gpg --output executor.gpg --armor --export "Executor Demo"
gpg --import executor.gpg