wiki:RpcAuth

Version 4 (modified by Nicolas, 17 years ago) (diff)

Double dash on --allow_remote_gui_rpc switch

Controlling BOINC remotely

Remote control of the BOINC client

The BOINC core client typically is controlled by the BOINC Manager? running on the same machine:

http://boinc.berkeley.edu/gui_auth.png

The two programs communicate over a local connection, using 'GUI RPC' (Graphical User Interface Remote Procedure Call). It's also possible to use the BOINC Manager to control a core client on a different host:

http://boinc.berkeley.edu/gui_auth2.png

You can use add-on programs such as BOINCView to control many BOINC clients at once:

http://boinc.berkeley.edu/gui_auth3.png

Access control for GUI RPC

Since GUI RPCs can control the BOINC client (e.g. attaching/detaching projects) it is important to protect your BOINC client from unauthorized control. There are two levels of protection:

  • GUI RPCs are authenticated with a GUI RPC password. This is stored with the client in the file gui_rpc_auth.cfg. When BOINC first runs, it generates a long, random password. You can change it if you like.
  • You can specify a set of hosts from which RPCs are allowed. By default, RPCs are allowed only from the same host.

A GUI RPC is handled only if it passes both levels of protection.

Allowing RPCs from remote hosts

By default the core client accepts GUI RPCs only from the same host. You can allow remote hosts to control a core client in two ways:

  • If you run the client with the --allow_remote_gui_rpc command line option, it will accept connections from any host (subject to password authentication).
  • You can create a file remote_hosts.cfg in your BOINC directory containing a list of allowed DNS host names or IP addresses (one per line). These hosts will be able to connect. The remote_hosts.cfg file can have comment lines that start with either a # or a ; character as well.

Attachments (3)

Download all attachments as: .zip