You are viewing a plain text version of this content. The canonical link for it is here.
Posted to general@gump.apache.org by Sander Temme <sa...@temme.net> on 2010/04/16 03:40:36 UTC
sshd config change on vmgump
Folks,
Following the recent havoc on ASF servers, new rules have been imposed on sshd keys and the use of passwords.
I have implemented the first part of this today by changing the sshd configuration. Right now, the only ones that have sshd access are myself and Infra's Joe Schaefer and Mark Thomas.
I am seeing the following accounts on the VM:
leosimons
bodewig
brett
billbarker
dims
mvdb
sebb
Who (still) needs sshd access? I can migrate keys accordingly.
Next up, implementation of OPIE which has to happen by May 1 Or Else.
Thanks,
S.
--
sander@temme.net http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: sshd config change on vmgump
Posted by Stefan Bodewig <bo...@apache.org>.
On 2010-04-16, Sander Temme <sc...@apache.org> wrote:
> Stefan,
> I have added you to the centralized keystore and the appropriate
> group. The keys are the same keys that were in your
> ~/.ssh/authorized_keys*
> You should be able to log back in now.
Yes, works fine, thanks.
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: sshd config change on vmgump
Posted by Sander Temme <sc...@apache.org>.
Stefan,
On Apr 15, 2010, at 9:15 PM, Stefan Bodewig wrote:
> On 2010-04-16, Sander Temme <sa...@temme.net> wrote:
>
>> Following the recent havoc on ASF servers, new rules have been imposed
>> on sshd keys and the use of passwords.
>
>> I have implemented the first part of this today by changing the sshd
>> configuration. Right now, the only ones that have sshd access are
>> myself and Infra's Joe Schaefer and Mark Thomas.
>
>> Who (still) needs sshd access? I can migrate keys accordingly.
>
> I do (as well as on the Solaris zone once that gets migrated).
I have added you to the centralized keystore and the appropriate group. The keys are the same keys that were in your ~/.ssh/authorized_keys*
You should be able to log back in now.
S.
>
>> Next up, implementation of OPIE which has to happen by May 1 Or Else.
>
> Guess I have some reading to do 8-)
>
> Thanks for taking care of it
>
> Stefan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
> For additional commands, e-mail: general-help@gump.apache.org
>
>
--
Sander Temme
sctemme@apache.org
PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: sshd config change on vmgump
Posted by Stefan Bodewig <bo...@apache.org>.
On 2010-04-16, Sander Temme <sa...@temme.net> wrote:
> Following the recent havoc on ASF servers, new rules have been imposed
> on sshd keys and the use of passwords.
> I have implemented the first part of this today by changing the sshd
> configuration. Right now, the only ones that have sshd access are
> myself and Infra's Joe Schaefer and Mark Thomas.
> Who (still) needs sshd access? I can migrate keys accordingly.
I do (as well as on the Solaris zone once that gets migrated).
> Next up, implementation of OPIE which has to happen by May 1 Or Else.
Guess I have some reading to do 8-)
Thanks for taking care of it
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: sshd config change on vmgump
Posted by Brett Porter <br...@apache.org>.
I haven't done anything on gump in a few years.
On 16/04/2010, at 11:40 AM, Sander Temme wrote:
> Folks,
>
> Following the recent havoc on ASF servers, new rules have been imposed on sshd keys and the use of passwords.
>
> I have implemented the first part of this today by changing the sshd configuration. Right now, the only ones that have sshd access are myself and Infra's Joe Schaefer and Mark Thomas.
>
> I am seeing the following accounts on the VM:
>
> leosimons
> bodewig
> brett
> billbarker
> dims
> mvdb
> sebb
>
> Who (still) needs sshd access? I can migrate keys accordingly.
>
> Next up, implementation of OPIE which has to happen by May 1 Or Else.
>
> Thanks,
>
> S.
>
> --
> sander@temme.net http://www.temme.net/sander/
> PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
>
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: sshd config change on vmgump
Posted by sebb <se...@gmail.com>.
On 16/04/2010, Sander Temme <sa...@temme.net> wrote:
> Folks,
>
> Following the recent havoc on ASF servers, new rules have been imposed on sshd keys and the use of passwords.
>
> I have implemented the first part of this today by changing the sshd configuration. Right now, the only ones that have sshd access are myself and Infra's Joe Schaefer and Mark Thomas.
>
> I am seeing the following accounts on the VM:
>
> leosimons
> bodewig
> brett
> billbarker
> dims
> mvdb
> sebb
>
> Who (still) needs sshd access? I can migrate keys accordingly.
I do still occaisionally find shell access to Gump useful for
debugging failed runs, but I cannot really claim that I *need* access.
If there was an easy way to get read-only access to the Gump
workspaces (rather than just the reports) I would not need a login.
> Next up, implementation of OPIE which has to happen by May 1 Or Else.
>
> Thanks,
>
> S.
>
>
> --
> sander@temme.net http://www.temme.net/sander/
> PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
> For additional commands, e-mail: general-help@gump.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org