security: move away from SSH keys stored in cleartext #1603
Labels
kind/feature
New feature request
Comments
|
Edit: this should have been a feature request rather than a bug |
xpillons
added
kind/feature
|
can you please elaborate more on this ? moving to bicep would remove that I guess. |
|
This was flagged by an automatic security scanner of a customer. I think the basic premise is simply that storing SSH keys in cleartext (time-unlimited token) on a web server allows an attacker who gains access to the machine to move laterally through the network and should be avoided. Thinking a bit more about this, I guess in the case of a compromise of the deployer VM, the main worry is actually the (permanent) system managed identity rather than the SSH key for the cluster. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, the terraform deployment step results in the
hpcadminSSH key being stored in cleartext in the volume of the deployer, which allows for lateral movement in the network.It would be preferable to use a local key management solution, such as password-protected (encrypted) SSH keys with an SSH agent and a timeout for
ssh-add(e.g. 24h).The text was updated successfully, but these errors were encountered: