
Re: [Savannah-hackers-public] Re: ssh logins to lists.gnu.org


From: Danny Clark
Subject: Re: [Savannah-hackers-public] Re: ssh logins to lists.gnu.org
Date: Wed, 04 Mar 2009 14:58:04 -0500
User-agent: Thunderbird 2.0.0.19 (X11/20090105)

Karl Berry wrote:
>     such as fwknopd (with GnuPG public key auth) or ostiary (which I think
>     can only do shared secret passwords)?
> 
> I'd much rather have no access from fencepost than figure out some new
> software configuration (I've never heard of either of those programs)
> that will probably break or be inaccessible just when it is most
> needed.  Please, no more hoops ...
> 
> If you want to choke off access from fencepost, ok, I understand.  Life
> goes on.

I think there is a miscommunication here - I was just advocating people
not using fencepost as a base from which to do secure things on other
hosts (e.g. personal machine -> fencepost -> sensitive fsf/gnu machine).

The programs (aka extra hoops) I mentioned would be installed on
"sensitive fsf/gnu machine", in this case lists, as a more secure
alternative to having the "extra hoop" be to first get a shell on
fencepost, and then go from there to elsewhere, since fencepost is not
exactly a good candidate to do one's security-sensitive work from; in
the best case it still adds another point of possible failure in
addition to your personal machine.

So this would be an alternative to the current situation of manually
maintaining lists of IP addresses from which access to lists.gnu.org is
allowed, which (a) doesn't work for people who don't happen to have
personal machines with fixed IP addresses, (b) is prone to bit rot
(someone has to maintain the lists of IP addresses), and (c) relies on
IP addresses being non-spoofable as the extra layer of security, which
is a dubious proposition.

-- 
Daniel JB Clark   | Sys Admin, Free Software Foundation
pobox.com/~dclark | http://www.fsf.org/about/staff#danny
