On Thu, Aug 23, 2012 at 8:28 AM, Trent Nelson <trent@snakebite.org> wrote:
> Hi folks,
>
>     I've set up a bunch of Snakebite build slaves over the past week.
>     One of the original goals was to provide Python committers with
>     full access to the slaves, which I'm still keen on providing.
>
>     What's a nice simple way to achieve that in the interim?  Here's
>     what I was thinking:
>
>         - Create a new hg repo: hg.python.org/keys.
>
>         - Committers can push to it just like any other repo (i.e.
>           same ssh/authz configuration as cpython).
>
>         - Repo is laid out as follows:
>             keys/
>                 <python username>/
>                     ssh     (ssh public key)
>                     gpg     (gpg public key)
>
>         - Prime the repo with the current .ssh/authorized_keys
>           (presuming you still use the --tunnel-user facility?).

Make ssh and gpg directories and this sounds like a usefully secure
way to allow us to add extra keys (currently, there's a security hole
in the fact that requests to change our registered ssh key for access
are not themselves authenticated electronically)

Screw security, it would mean ssh keys would be self-serve! =) No more having to email an alias that bugs Georg and Antoine to add a key when you can do it yourself (or for the person who you nominated to gain commit access).
">

(original) (raw)



On Wed, Aug 22, 2012 at 7:03 PM, Nick Coghlan <ncoghlan@gmail.com> wrote:

On Thu, Aug 23, 2012 at 8:28 AM, Trent Nelson <trent@snakebite.org> wrote:
> Hi folks,
>
> I've set up a bunch of Snakebite build slaves over the past week.
> One of the original goals was to provide Python committers with
> full access to the slaves, which I'm still keen on providing.
>
> What's a nice simple way to achieve that in the interim? Here's
> what I was thinking:
>
> - Create a new hg repo: hg.python.org/keys.
>
> - Committers can push to it just like any other repo (i.e.
> same ssh/authz configuration as cpython).
>
> - Repo is laid out as follows:
> keys/
> <python username>/
> ssh (ssh public key)
> gpg (gpg public key)
>
> - Prime the repo with the current .ssh/authorized\_keys
> (presuming you still use the --tunnel-user facility?).

Make ssh and gpg directories and this sounds like a usefully secure
way to allow us to add extra keys (currently, there's a security hole
in the fact that requests to change our registered ssh key for access
are not themselves authenticated electronically)

Screw security, it would mean ssh keys would be self-serve! =) No more having to email an alias that bugs Georg and Antoine to add a key when you can do it yourself (or for the person who you nominated to gain commit access).

This assumes, of course, that Georg, Antoine, and Martin are cool with this can get some hook set up to make this work with our current setup.

Also, nice work on getting to this point, even though it turned out to
be a lot more work than you originally anticipated!

I expect a TIP BoF update at PyCon US 2013 or else I consider this an early April Fool's joke. =)