That’s not really a security disaster unless you consider all of SSH a security ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		apple4ever on Feb 2, 2020 \| parent \| context \| favorite \| on: Sovereign: Ansible playbooks to build and maintain... That’s not really a security disaster unless you consider all of SSH a security disaster. If you are concerned about Ansible SSH’ing in (which means you are concerned about any person SSH’ing in), you just do the standard SSH hardening.

eeZah7Ux on Feb 9, 2020 [–]

...and yet SSHing on a production system to make configuration changes is prohibited in many large companies including some FAANGs.

Because you (or some intern hired a week ago) are 1 typo away from making a disaster.

For the record, security includes availability and this is an availability risk.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact