Archived
15
23
Fork
You've already forked meta
6

Handling access for SSH based systems #66

Closed
opened 2022年12月14日 21:14:57 +01:00 by gapodo · 1 comment
Contributor
Copy link

Followup to #60

Below is a direct copy from #60...


@gapodo in #60

While we should have one key "shared", I belive we should think about it being a "fallback" and build a mechanism to distribute keys.

Long term we should:

  • Have an "ultimate" fallback key, which is well kept (and out of reach from most, potentially similar to the gpg keys)
  • Have a key for automation tasks (not shared with people)
  • Have a mechanism and process with which we allow new keys and distribute them
  • Have a mechanism to revoke keys easily (if someone leaves)
  • Document the usage of "non-user" keys (such as automation) and prepare for quickly exchanging them, if someone leaves or a machine may be compromised

For now (with only 2 of us we may run a "light" variant of it), but we should strive to achive this.

Another option may be to use ssh certificates instead of keys, since certificates can be revoked (or short lived) and limited to usernames and permissable binaries.


This still holds mostly true, but due to the Codeberg infrastructure requiring hardware based ssh keys, for now at least, the fallback key is not really an option (unless we start using something along the lines of the mooltipass and send key cards by snail mail and put up the database in the secrets repo)

Followup to #60 Below is a direct copy from #60... ----- [@gapodo in #60](https://codeberg.org/forgejo/meta/issues/58#issuecomment-704625) While we should have one key "shared", I belive we should think about it being a "fallback" and build a mechanism to distribute keys. Long term we should: - [ ] Have an "ultimate" fallback key, which is well kept (and out of reach from most, potentially similar to the gpg keys) - [ ] Have a key for automation tasks (not shared with people) - [ ] Have a mechanism and process with which we allow new keys and distribute them - [ ] Have a mechanism to revoke keys easily (if someone leaves) - [ ] Document the usage of "non-user" keys (such as automation) and prepare for quickly exchanging them, if someone leaves or a machine may be compromised For now (with only 2 of us we may run a "light" variant of it), but we should strive to achive this. Another option may be to use ssh certificates instead of keys, since certificates can be revoked (or short lived) and limited to usernames and permissable binaries. ----- This still holds mostly true, but due to the Codeberg infrastructure requiring hardware based ssh keys, for now at least, the fallback key is not really an option (unless we start using something along the lines of the mooltipass and send key cards by snail mail and put up the database in the secrets repo)

There are no SSH machines in the Forgejo infrastructure just yet. It relies on Codeberg for the CI machine. That means this issue can be closed. And re-opened, when/if Codeberg has its own machines one day.

Although it could stay open, it will cluter this issue tracker. When and if there are machines, a dedicated issue tracker for devops will need to be create anyways. And an issue create there.

Feel free to reopen if you think differently. No need to explain why, just re-open :-)

There are no SSH machines in the Forgejo infrastructure just yet. It relies on Codeberg for the CI machine. That means this issue can be closed. And re-opened, when/if Codeberg has its own machines one day. Although it could stay open, it will cluter this issue tracker. When and if there are machines, a dedicated issue tracker for devops will need to be create anyways. And an issue create there. Feel free to reopen if you think differently. No need to explain why, just re-open :-)
Commenting is not possible because the repository is archived.
No Branch/Tag specified
readme
No results found.
Labels
Clear labels
[Decision] Building proposal(s)
We're in a decision-making process, buiding one or more proposals to address the shared aim based on the criteria
[Decision] Gathering criteria
We're in a decision-making process, gathering criteria, considerations and needs
[Decision] Integrating concerns
We're in a decision-making process, working with a proposal, trying to integrate concerns and create modifications/support such that the proposal works for everyone
Accessibility
Relates to Accessibility (a11y) of product, project and process.
Agreement proposal
Forgejo agreement proposal, following a discussion
Communication
Relates to all channels, social media, website, blog posts.
Election
Process of appointing a person into a role or team (if choosing people just for a specific one-time task, use the Entrustment label)
Entrustment
Process of choosing/approving specific people to do a critical/high-impact one-time task (if choosing people for an ongoing role/team, use the Election label)
Governance
Relates to processes, procedures and decision-making.
Meeting
An upcoming team meeting
User research - Accessibility
Requires input about accessibility features, likely involves user testing.
User research - Blocked
Do not pick as-is! We are happy if you can help, but please coordinate with ongoing redesign in this area.
User research - Community
Community features, such as discovering other people's work or otherwise feeling welcome on a Forgejo instance.
User research - Config (instance)
Instance-wide configuration, authentication and other admin-only needs.
User research - Errors
How to deal with errors in the application and write helpful error messages.
User research - Filters
How filter and search is being worked with.
User research - Future backlog
The issue might be inspiring for future design work.
User research - Git workflow
AGit, fork-based and new Git workflow, PR creation etc
User research - Labels
Active research about Labels
User research - Moderation
Moderation Featuers for Admins are undergoing active User Research
User research - Needs input
Use this label to let the User Research team know their input is requested.
User research - Notifications/Dashboard
Research on how users should know what to do next.
User research - Rendering
Text rendering, markup languages etc
User research - Repo creation
Active research about the New Repo dialog.
User research - Repo units
The repo sections, disabling them and the "Add more" button.
User research - Security
User research - Settings (in-app)
How to structure in-app settings in the future?
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
forgejo/meta#66
Reference in a new issue
forgejo/meta
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?