[Gluster-infra] ci.gluster.org to be reinstalled

Michael Scherer mscherer at redhat.com
Fri Apr 10 13:56:01 UTC 2015


so I just been contacted by RH IT security team because the new server
was ddossing a hosting company. Turn out this was again the same problem
as last time, ie, weak root password (set by me) and me assuming that
salt would disable password authentication. 

It turn out that the change to do so was never merged in HEAD as we had
some concern regarding the configuration file ( or rather, when we did,
it broke sshd on everything but RHEL 7 hosts... ), and we wanted to
merge after a more torough look ( but merge didn't happened ).

So i will merge the change on sshd. As we added freebsd to the mix in
the mean time, I will just restrict the change to RHEL for now until I
figure what to change for freebsd ( like file position, key, etc ).

Then I will reinstall the server today, update firmware while on it, as
Justin reminded me on irc, make sure there is a complicated password
enough ( hoping to not lock out myself ), and re-salt it. 

So if there is any breakage, ping me on irc. 

Michael Scherer
Open Source and Standards, Sysadmin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://www.gluster.org/pipermail/gluster-infra/attachments/20150410/2996291c/attachment.sig>

More information about the Gluster-infra mailing list