[Buildbot-devel] How safe is buildbot outside your intranet?

Kevin Funk kevin.funk at kdab.com
Tue Jun 25 20:03:54 UTC 2013

On Tuesday 25 June 2013, 11:38, Dustin J. Mitchell wrote:
> On Tue, Jun 25, 2013 at 11:11 AM, Fabrizio Buratta
> <fabrizio at moldiscovery.com> wrote:
> > I'm wandering what happens if master and slaves are outside your intranet
> > and a "Man In the middle" tries to read master->slave communications ,
> > could that be dangerous ?  is buildbot designed to work outside an
> > intranet ?
> It depends what your slaves are doing, but yes, it'd be fairly trivial
> for someone with network access to the middle to impersonate either
> the slave (to intercept secrets from the master) or the master (to
> make the slave do their bidding).
> In many cases, that doesn't really matter - if the slaves just run
> tests, and are not in a sensitive network, there's no real risk.
> Dustin

You could use SSH tunnels to secure the connection between master and slave.

Considering that you need a persistent SSH connection, you could try using 
something like 'autossh' [1] to keep it alive.

[1] www.harding.motd.ca/autossh

Kevin Funk | kevin.funk at kdab.com | Software Engineer
KDAB (Deutschland) GmbH&Co KG, a KDAB Group company
Tel. Germany +49-30-521325470, Sweden (HQ) +46-563-540090
KDAB - Qt Experts - Platform-independent software solutions

More information about the devel mailing list