update ssh article

This commit is contained in:
forest 2021-12-19 10:10:23 -06:00
parent 57eec21cf3
commit f30cc15870
2 changed files with 17 additions and 14 deletions

View File

@ -254,13 +254,17 @@ Host key verification failed.
you <b>really did</b> verify that the server's public key fingerprint matches.
If you type <span class="code">yes</span> here without checking the server's host key somehow, you could add an attackers public key to the trusted
list in your <span class="code">~/.ssh/known_hosts</span> file; if you type <span class="code">yes</span> blindly, you are
<b>completely disabling all security of the SSH connection</b>.
It can be fully man-in-the-middle attacked & you are
vulnerable to surveillance, command injection, even emulation/falsification of the entire stream.
Will anyone actually attack you like that? Who knows. Personally, I'd rather not find out.
list in your <span class="code">~/.ssh/known_hosts</span> file; if you type <span class="code">yes</span> blindly,
you are technically vulnerable to a man-in-the-middle attack. Such an attack could silently surviel your connection,
inject commands, even emulate / falsify the entire SSH session.
Will anyone actually attack you like that? Probably not, because such an attack would be difficult to hide from someone who
knows where to look. Personally, however, I'd rather not fuck around and find out. I'd rather find a way to prove to myself
that my first SSH connection to a new server is secure, even if it's a potentially ephemeral virtual machine like a capsul.
</p>
<p>
So what are technologists to do? Most cloud providers don't "provide" an easy way to get the SSH host public keys
for instances that users create on thier platform. For example, see this
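Review bot: the new sentence "Such an attack could silently surviel your connection" misspells "surveil", and the neighbouring context still has "an attackers public key" (should be "an attacker's public key") and "on thier platform" (should be "their"). On substance, the rewrite replaces the bolded "completely disabling all security of the SSH connection" with "technically vulnerable to a man-in-the-middle attack", which understates what the preceding lines describe: once an unverified key is accepted into ~/.ssh/known_hosts, every later connection to that host inherits that first blind decision, so the weakening is not limited to the one session. Suggest keeping a sentence that says so, and, since the new text claims such an attack "would be difficult to hide from someone who knows where to look", saying what to look at (the fingerprint shown in the prompt against one obtained out of band) so the reader can actually perform the check the paragraph asks for.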
@ -269,20 +273,19 @@ Host key verification failed.
Besides using the provider's HTTPS-based console to log into the machine & directly read the public key,
providers also recommend using a "userdata script".
This script would run on boot & upload the machine's SSH public keys to a
trusted location like <a href="https://www.backblaze.com/b2/cloud-storage.html">Backblaze B2</a> or
This script would run on boot & upload the machine's SSH public keys to an object storage system like <a href="https://www.backblaze.com/b2/cloud-storage.html">Backblaze B2</a> or
<del>Amazon S3</del><sup><a href="#ref_1">[1]</a></sup>, for an application to retrieve later.
As an example, I wrote a
<a href="https://git.sequentialread.com/forest/rootsystem/src/1cdbe53974d20da97d9f522d4bd62c34487817c0/terraform-modules/gateway-instance-digitalocean/upload_known_hosts.tpl#L5">
<a href="https://git.sequentialread.com/forest/greenhouse/src/branch/master/backend.go#L1242-L1248">
userdata script which does this</a>
for my own cloud compute management tool called
<a href="https://git.sequentialread.com/forest/rootsystem">rootsystem</a>.
Later in the process, rootsystem will
<a href="https://git.sequentialread.com/forest/rootsystem/src/1cdbe53974d20da97d9f522d4bd62c34487817c0/host-key-poller/main.go#L33">
for my own automated VPS management code in
<a href="https://git.sequentialread.com/forest/greenhouse/">greenhouse</a>.
Later in the process, greenhouse will
<a href="https://git.sequentialread.com/forest/greenhouse/src/branch/master/backend.go#L1267-L1277">
download the public keys from the Object Storage provider
and add them to the ~/.ssh/known_hosts file</a>
before finally
<a href="https://git.sequentialread.com/forest/rootsystem/src/1cdbe53974d20da97d9f522d4bd62c34487817c0/terraform-modules/ansible-threshold-server/main.tf#L32">
<a href="https://git.sequentialread.com/forest/greenhouse/src/branch/master/backend.go#L1297-L1313">
invoking the ssh client against the cloud host</a>.
</p>
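Review bot: the three replacement links point at `src/branch/master/backend.go#L1242-L1248`, `#L1267-L1277` and `#L1297-L1313`; line-range anchors on a moving branch go stale as soon as backend.go is edited, whereas the links being removed were pinned to commit `1cdbe53974d20da97d9f522d4bd62c34487817c0`. Suggest pinning the greenhouse links to a specific commit as well. Separately, the edited sentence changes "a trusted location like Backblaze B2" to "an object storage system like Backblaze B2", dropping the word "trusted"; since the whole point of the procedure is that the known_hosts download replaces an unverifiable first SSH connection with something verifiable, the text should state what makes that retrieval trustworthy (the client fetches over authenticated HTTPS from a bucket only the instance's credentials can write to), otherwise the reader may conclude the host key can be fetched from anywhere.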

View File

@ -22,7 +22,7 @@
<li>All root disks are backed up at no charge</li>
<li>All storage is fast, local, and solid-state</li>
<li>All network connections are low latency</li>
<li>Supported by amazing volunteers from Cyberia</li>
<li>Supported by amazing volunteers from Cyberia Computer Club</li>
<li>Upfront prices, no confusing billing</li>
<li>Operated by a Minnesota non-profit organization that will never exploit you</li>
<li>We donate a portion of our proceeds to likeminded hacker groups around the globe</li>