[Buildbot] #3004: No passwords anywhere
Buildbot trac
trac at buildbot.net
Wed Nov 5 00:28:06 UTC 2014
#3004: No passwords anywhere
-------------------+-------------------------------
Reporter: dustin | Owner:
Type: task | Status: new
Priority: minor | Milestone: sys - on-bb-infra
Version: 0.8.9 | Keywords:
-------------------+-------------------------------
Shared passwords suck. When people come and go, you have to change them.
It's a nightmare.
Proposal:
* SSH key access for admins to named accounts (dustin, amar, mss, etc.)
on each host
* passwordless sudo access
* `ALL` for admins
* `jexec <appropriate jail> sh` for non-admins with access to a single
jail
* No root logins via SSH
* Root password locked or at least unknown to anyone
I'd be happy to add a free 2FA provider to this to complement the SSH keys
-- but let's do that once the baseline is in place.
--
Ticket URL: <http://trac.buildbot.net/ticket/3004>
Buildbot <http://buildbot.net/>
Buildbot: build/test automation
More information about the bugs
mailing list