Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [eclipse.org-committers] SSH Auth Bot and your account security

I will answer Christian's questions to the list, since many may share
the same concerns:

On 01/18/2016 05:36 AM, Christian Campo wrote:
> Für die Riena instance we dont
> have an HIPP instance and we dont plan to have one. (and it makes no sense
> for us) Dont we need a ssh shell account to sign our p2 deliverable ?

We have a (very) restricted shell which allows signing and SCP/SFTP
operations. Switching everyone to this restricted shell would already
decrease my stress level by about 91%.

SSH shell (aka /bin/bash) access will eventually go away on our servers.
It makes no sense whatsoever. But before doing that, we will ensure that
we provide reasonable services for download file management and signing.
This won't happen tomorrow, but it might happen in 2016 or early next year.



> On the other hand I dont understand why shell access is related to Git
> access (vs Gerrit access).

We currently use the operating system's SSH as the mechanism to tunnel
Pure Git securely, which, the way we're doing it, is a horrendously
horrible way of doing it.

GitHub has some underlying infrastructure to provide SSH independently
from the underlying server OS. This is where Gerrit (and jGit/jSSH) come
into play.


> I personally never want to move to Gerrit

That's fine -- when we are ready, we'll provide those who do not want to
use Gerrit a link to the location where you can manage your SSH keys and
http/https passwords, and you can keep using Git as you've always done,
but likely with slightly different URIs. But everything else will be the
same.

Denis


Back to the top