Re: [] SSH Auth Bot and your account security

Hi Denis,

I publish milestones using ssh but I do have a script to help me, so I like the idea of trying HIPP to do that.  But then the question of security comes in.  How do I limit the number of people that are allowed to run that job?  When I create a new job on the CDT HIPP it seems all committers can run it by default. It is not that I don't trust other committers, but I prefer to reduce the risk of mistakes and only give permissions to people doing the releng stuff.



From: [] on behalf of Denis Roy [denis.roy@xxxxxxxxxxx]
Sent: January 15, 2016 12:04 PM
Subject: Re: [] SSH Auth Bot and your account security

As a quick follow-up: if you have a HIPP instance and a shell account,
we won't automatically revoke your shell. I apologize if my wording
convinced you otherwise.

We know who you are and we know who uses the shell and who doesn't.
We're paranoid but smart.


On 01/15/2016 11:45 AM, Denis Roy wrote:
> Greetings committers,
>
> A handful of you have SSH access to You may have seen
> the SSH Auth Bot block shell access to you from an unknown location at
> some time.
>
> Today we've had our first instance of unauthorized access. Fortunately,
> the SSH Auth Bot blocked that access and prevented a potential disaster
> for our data and our computer systems. But more importantly:
>
>      _The committer informed us immediately_
>
> If your account is blessed with shell access, we appreciate your
> continued attention to the SSH Auth Bot warnings you may receive.
>
> Moving forward, we'll be removing shell access from those accounts who
> do not have a valid need for it. Basically, any project that owns a HIPP
> instance has no real need for a shell, as the HIPP instance can run
> shell scripts on your behalf. We'll also be adding access history to
> your account page on, so you can audit and monitor your
> access to our servers.
>
> Once pure Git is deprecated [1] and Gerrit is used for all our repos,
> SSH access will be entirely eliminated for all users except a few that I
> can count on my left hand. Local SSH access is our #1 security liability
> at the moment.
>
> Thanks again for being a good Eclipse citizen.
>
> Denis
>
> [1]