Remote control of the BOINC client
The BOINC core client typically is controlled by
the BOINC Manager running on the same machine:
The two programs communicate over a local connection,
using 'GUI RPC' (Graphical User Interface Remote Procedure Call).
It's also possible to use the BOINC Manager to control
a core client on a different host:
And BOINCView (an add-on program developed by a third party) is
able to control many BOINC clients at once:
Access control for GUI RPC
Since GUI RPCs can control the BOINC client
(e.g. attaching/detaching projects)
it is important to protect your BOINC client from unauthorized control.
There are two levels of protection:
- You can associate a password with the client.
If a password is used,
GUI RPCs must be authenticated with this password.
- You can restrict RPCs to a limited set of hosts.
A GUI RPC is handled only if it passes both levels of protection.
After a standard installation, BOINC is highly secure;
it generates its own (long, random) password,
and it doesn't allow access from other hosts.
Password protection
If you place a password in a file gui_rpc_auth.cfg
in your BOINC directory,
GUI RPCs must be authenticated using the password.
If this file is not present, there is no password protection.
Remote host restriction
By default the core client accepts GUI RPCs only from the same host.
You can allow remote hosts to control a core client in two ways:
- If you run the client with the
-allow_remote_gui_rpc command line option,
it will accept connections from any host.
This is not recommended unless the host is behind a firewall
that blocks the GUI RPC port (1043).
-
You can create
a file remote_hosts.cfg in your BOINC directory containing
a list of allowed DNS host names or IP addresses (one per line).
Those hosts will be able to connect.
The remote_hosts.cfg file can have comment lines that start with either a #
or a ; character as well.
";
page_tail();
?>