Re: [eclipse.org-committers] SSH Auth Bot and your account security

Hi Denis,

I publish milestones using ssh but I do have a script to help me, so I like the idea of trying HIPP to do that.  But then the question of security comes in.  How do I limit the number of people that are allowed to run that job?  When I create a new job on the CDT HIPP it seems all committers can run it by default. It is not that I don't trust other committers, but I prefer to reduce the risk of mistakes and only give permissions to people doing the releng stuff.

Thanks

Marc

________________________________________
From: eclipse.org-committers-bounces@xxxxxxxxxxx [eclipse.org-committers-bounces@xxxxxxxxxxx] on behalf of Denis Roy [denis.roy@xxxxxxxxxxx]
Sent: January 15, 2016 12:04 PM
To: eclipse.org-committers@xxxxxxxxxxx
Subject: Re: [eclipse.org-committers] SSH Auth Bot and your account security

As a quick follow-up: if you have a HIPP instance and a shell account,
we won't automatically revoke your shell. I apologize if my wording
convinced you otherwise.

We know who you are and we know who uses the shell and who doesn't.
We're paranoid but smart.

Denis



On 01/15/2016 11:45 AM, Denis Roy wrote:
> Greetings committers,
>
> A handful of you have SSH access to build.eclipse.org. You may have seen
> the SSH Auth Bot block shell access to you from an unknown location at
> some time.
>
> Today we've had our first instance of unauthorized access. Fortunately,
> the SSH Auth Bot blocked that access and prevented a potential disaster
> for our data and our computer systems. But more importantly:
>
>      _The committer informed us immediately_
>
> If your account is blessed with shell access, we appreciate your
> continued attention to the SSH Auth Bot warnings you may receive.
>
> Moving forward, we'll be removing shell access from those accounts who
> do not have a valid need for it. Basically, any project that owns a HIPP
> instance has no real need for a shell, as the HIPP instance can run
> shell scripts on your behalf. We'll also be adding access history to
> your account page on dev.eclipse.org, so you can audit and monitor your
> access to our servers.
>
> Once pure Git is deprecated [1] and Gerrit is used for all our repos,
> SSH access will be entirely eliminated for all users except a few that I
> can count on my left hand. Local SSH access is our #1 security liability
> at the moment.
>
> Thanks again for being a good Eclipse citizen.
>
> Denis
>
>
> [1] https://bugs.eclipse.org/bugs/show_bug.cgi?id=452549
>
>
>
_______________________________________________
eclipse.org-committers mailing list
eclipse.org-committers@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/eclipse.org-committers

IMPORTANT: Membership in this list is generated by processes internal to the Eclipse Foundation.  To be permanently removed from this list, you must contact emo@xxxxxxxxxxx to request removal.

