SSH keys can be limited by IP in authorized hosts.
The SSH port itself can be limited by IP in firewalls.
Finally, the SSH private key can be encrypted with a password.
Defense in depth is needed. Storing a ssh private key in plain text with no IP restriction is no different to having a password manager store your passwords in plain text on your HD.
The point is to know better than to let the intern hurt themselves.
I once saw an engineer try to place the blame on his intern for taking down prod. I was sitting in a meeting with the VP of engineering and someone asked if it was ok for some to blame their intern for the SEV, and I remember the VP saying "I'll talk to $director_for_the_interns_mentor". Interns can't take down prod. An intern's mentor willingly watching an intern take down prod is the closest you can get.
Much worse, instead of the data gone it's a data leak.
Those ssh keys can be used to access private servers
SSH keys can be limited by IP in authorized hosts.
The SSH port itself can be limited by IP in firewalls.
Finally, the SSH private key can be encrypted with a password.
Defense in depth is needed. Storing a ssh private key in plain text with no IP restriction is no different to having a password manager store your passwords in plain text on your HD.
All those things are optional.
Doesn't make uploading the keys that much better. Now is the time for key rotation everywhere. Fast.
4 replies →
Well, those ssh keys are protected by a strong passphrase, right?
The passphrase is optional, not everyone has it.
It also has to be a secure password, people often don't care because it's a local file and generally not exposed to the internet.
1 reply →
I once ran rm -rf on a live NFS mount that the live operations of a major brokerage depended upon.
I challenge any agent to do worse than an intern with root access.
The point is to know better than to let the intern hurt themselves.
I once saw an engineer try to place the blame on his intern for taking down prod. I was sitting in a meeting with the VP of engineering and someone asked if it was ok for some to blame their intern for the SEV, and I remember the VP saying "I'll talk to $director_for_the_interns_mentor". Interns can't take down prod. An intern's mentor willingly watching an intern take down prod is the closest you can get.
Reminds me I need to update my `burn.sh` script.