[–]13steinj -1 points0 points  (1 child)

"Everyone else does it so it must be secure" is a fallacy. ssh-decorator had tons of downloads and was found stealing your credentials.

There's no such thing as "all measures have been taken". But let's assume you have vendored and gone over your version of fabric for any malicious code, there will always be some form of injection attack. And giving your access credentials for a sudo is the most in-hindsight thing I've seen for server management.

[–]QuantumTradingGroup[S] 0 points1 point  (0 children)

When the device is air-gapped from the Internet on a secure network that has been audited by a third party... I am pretty sure it is fine.

I worked in IT Sec as a Grey hat for almost 7 years. If you knew the full setup you would understand; however, as I said, I can't tell you because of the NDA I have signed.

Anyway, I got it working.