November 8th & 9th, 2024
Love SeaGL and want to help out? Get Involved
This video recording is archived by the Internet Archive. If you value their service, please consider thanking them with a small donation.

SSH from your DevOps CI/CD securely

SeaGL 2021

Your CI/CD pipeline needs to make things happen, and often that means hitting other machines via SSH or rsync. Since no human is at the keyboard to type a password, how do you automate this securely? We’ll show alternatives to passwordless keys in your repository (BAD!!!), describe the security implications, and how you can assure that these keys are usable only for the commands they require.

Presenters

Bri Hatch

Bri Hatch, ExtraHop Networks

Bri Hatch is Director of IT at ExtraHop Networks, and Chief Hacker at Onsight, Inc. An adamant Open Source advocate and security buff, Bri is the author of Hacking Linux Exposed, Building Linux VPNs, and numerous online articles on the topics of Linux, security, and coding. He has been securing and breaking into systems since before he traded in his Apple II+ for his first Unix system.

Resources