Comments (1)
c-mart
commented on July 23, 2024
This makes your Atmosphere server vulnerable to man-in-the-middle attacks. If you can corrupt my DNS or steal BGP routes upstream on the network (both of which are regularly used as attack vectors), then when I pull down code from version control to deploy a new release, you could point me to your evil git server and I'll get your evil code instead of my own, which I will then run as root, when I deploy with Clank.
I'm guessing host key checking was disabled so that the Atmosphere server can SSH to new instances (to run atmosphere-ansible) without knowing their host key ahead of time. If that is the case, here is a sketch of a better solution:
Each time an Atmosphere user launches an instance, we can generate a new SSH host keypair on the Atmosphere server. The public key would be added to the Atmosphere server's known_hosts file, and the keypair would be stored as instance metadata in OpenStack. We can pass a script as user_data to cloud-init which will retrieve the metadata and set the host keypair on the instance when it first boots. This way, the Atmosphere server will always have a reasonable assurance it is SSHing to the host that it intends to.
Bonus: we can display the instance's host key fingerprint to the user via the Troposphere UI and Atmosphere API, so that when a user SSHes to the instance and is prompted to accept the host key, he or she can also be reasonably assured that there is no man-in-the-middle attack.
@amercer1, @steve-gregory, et al., what do you think?
from clank.
Related Issues (20)
- Revisit "List of Files Needed" in README
- ImportError: No module named backports.ssl_match_hostname HOT 1
- Run Clank twice in Travis test
- Use `pip-tools` for Clank's requirements HOT 1
- Problem: Troposphere pull requests are created without any build verification
- Clean up travis.yml's postgres install section
- Issues of running 'pip install -r clank/requirements.txt' HOT 3
- Cannot restart atmosphere on Ubuntu 16.04 HOT 2
- Make finer grained backups
- Problem: Atmosphere Django cache directory not writable by www-data HOT 1
- Problem: Configure system `ulimit` (open files) HOT 1
- Run clank with previous release of Atmosphere/Troposphere HOT 7
- Clank on CentOS7 HOT 1
- Create New Relic deployment
- Warn/Error when New Relic is not installed/configured/working HOT 1
- Not picking up the correct repos to clone HOT 1
- Cannot uninstall new relic HOT 7
- app-install-instance-deploy-automation role fails on remote deployment when creating hosts file
- CI test in Different Linux Distros HOT 3
- Default NGINX config breaks http->https redirect
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from clank.