SSH from your DevOps CI/CD securely
Schedule

Presented by:

Bri Hatch

from ExtraHop Networks

Bri Hatch is Chief Hacker at Onsight, Inc. An adamant Open Source advocate and security buff, Bri is the author of Hacking Linux Exposed, Building Linux VPNs, and numerous online articles on the topics of Linux, security, and coding. He has been securing and breaking into systems since before he traded in his Apple II+ for his first Unix system.

Your CI/CD pipeline needs to make things happen, and often that means hitting other machines via SSH or rsync. Since no human is at the keyboard to type a password, how do you automate this securely? We'll show alternatives to passwordless keys in your repository (BAD!!!), describe the security implications, and how you can assure that these keys are usable only for the commands they require.

Date:
2021 November 5 - 10:10
Duration:
30 min
Room:
Room 3
Conference:
SeaGL 2021
Language:
Track:
DevOps
Difficulty:
Medium

Happening at the same time:

  1. Responding Thoughtfully to a Crisis
    2. Start Time:
    2021 November 5 10:10

    Room:
    Room 2

  2. FLOSS daily — but FLO all the time
    3. Start Time:
    2021 November 5 10:10

    Room:
    Room 1