Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [ecf-dev] authorized_keys removed from (was Re: zEclipseGitCloner project failing...auth?)

On 11/28/2012 03:48 AM, Markus Alexander Kuppe wrote:
On 11/27/2012 09:30 PM, Scott Lewis wrote:
The ECF builder at [1] seems to be failing on trying to run the
zEclipseGitCloner project [2].  Below is the console output...also see [3].

It looks like it could be something wrong with Markus'
login...mkuppe...although I'm not sure.

Markus do you have any insight about this?

it turns out that ~/.ssh/authorized_keys is gone from
After recreating it manually, zEclipseGitCloner authenticates
successfully again [1]. According to logs, the cloner had started to
fail in November (last successful run in 10/26).

Webmasters are CCed, to find out if this incident should cause any




As you may know, the Eclipse Webmasters do not allow our own Hudson instance, at to write to our code repositories. While we acknowledge that this creates inconveniences for our committers, we feel it is an important part of maintaining secure, yet open systems which are accessible to all.

If I understand correctly, you've installed keys on a remote server, allowing it to log in to servers on your behalf to write to the ECF Git code repository. The remote server, the Jenkins application and the server's SSH service are all publicly accessible. Your remote build process ceased to function on October 26 as a result of the unknown removal of your Eclipse account's authorized_keys file.

Our logs show that your account was accessed successfully via keyed authentication on on October 25, 2012 at 6:02 local time. We've examined your shell command history, and that history contains commands that would remove the authorized_keys file.

Since you have no recollection of making the changes yourself, and since the keys to your account reside on a publicly accessible server whose security integrity we cannot ascertain, I must conclude that your account has been compromised. To protect's servers, our code and our service availability I have disabled your account and have blocked SSH access originating from your remote server.

We will audit your account's activity on our servers to ensure it was not used as a mechanism to gain elevated access or to penetrate remote systems. If you wish to regain access to your account, please feel free to work with Wayne Beaton (cc'd) and myself to implement a build process that does not risk compromising your account and the servers.


Eclipse Webmaster --

Back to the top