SSH from your DevOps CI/CD securely
Bri Hatch is Sr. Director of IT at ExtraHop Networks, and Chief Hacker at Onsight, Inc. An adamant Open Source advocate and security buff, Bri is the author of Hacking Linux Exposed, Building Linux VPNs, and numerous online articles on the topics of Linux, security, and coding. He has been securing and breaking into systems since before he traded in his Apple II+ for his first Unix system.
Your CI/CD pipeline needs to make things happen, and often that means hitting other machines via SSH or rsync. Since no human is at the keyboard to type a password, how do you automate this securely? We'll show alternatives to passwordless keys in your repository (BAD!!!), describe the security implications, and how you can assure that these keys are usable only for the commands they require.
- 2021 November 5 - 10:10
- 30 min
- Room 3
- SeaGL 2021