On 14 April 2024 01:34:14 Andy Smith wrote:
There's a couple of ways this could go:
1. Remove direct SSH capability, replace with web
That change is likely to make the trusted computing base for shell VM
access much larger than it is now.
2. Firewall off SSH from the Internet, poke holes temporarily
Ideally with an API for defining the holes, or even better a VPN option
(WireGuard?).
In that story the VPN only allows (Xen) shell access and maybe also the
Bitfolk website(s).
…
What I'd like is to be able to configure MFA for the Xen shell. Maybe I use
a private key and also get prompted for OATH HOTP?
The chance of another xz-like supply chain attack feels low, because people
will be looking for these now. My opinion - there is no special need to put
in effort planning to fight the last war again.
But remote access is tricky for sure and someone getting it can bypass many
layers of security. So general defence in depth is very worthwhile.
I guess something interesting could be done for those not on legacy
Internet: assign unique IPv6 console address that can only be used
for connecting to that VM's Xen Shell. 😀
I like this idea, especially if combined with the option of bringing up a
VPN first. If you had VPN trouble, you could maybe have a setting to switch
from "VPN required" to "allow connections from this address range for n
minutes". Unsure about settings? Range could be ::0/0 or the IPv4
equivalent, and minutes could default to 1440. That is still more protected
than the status quo.
Tim
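
The "VPN required" versus "allow this range for n minutes" setting proposed above can be sketched as follows. This is an added example, not part of the message and not Bitfolk code; the class and method names and the VPN prefix are hypothetical, while the 1440-minute default and the `::0/0` range come from the message.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional, Union

DEFAULT_MINUTES = 1440  # default lifetime suggested in the message

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


@dataclass
class TemporaryHole:
    network: Network
    expires_at: datetime


class ConsoleAccessPolicy:
    """Hypothetical per-customer policy for reaching the Xen shell."""

    def __init__(self, vpn_network: str):
        # Assumption: VPN clients get addresses from one known prefix.
        self.vpn_network = ipaddress.ip_network(vpn_network)
        self.hole: Optional[TemporaryHole] = None  # None means "VPN required"

    def open_hole(self, cidr: str, now: datetime,
                  minutes: int = DEFAULT_MINUTES) -> None:
        """Switch to "allow connections from this range for n minutes"."""
        if minutes <= 0:
            raise ValueError("minutes must be positive")
        self.hole = TemporaryHole(ipaddress.ip_network(cidr),
                                  now + timedelta(minutes=minutes))

    def allows(self, source: str, now: datetime) -> bool:
        addr = ipaddress.ip_address(source)
        # VPN clients are always allowed.
        if addr.version == self.vpn_network.version and addr in self.vpn_network:
            return True
        if self.hole is None:
            return False
        if now >= self.hole.expires_at:
            self.hole = None  # expired: revert to "VPN required"
            return False
        # ::0/0 covers IPv6 sources only; IPv4 needs its own 0.0.0.0/0 hole.
        net = self.hole.network
        return addr.version == net.version and addr in net
```

The expiry is checked at decision time, so a hole that nobody remembers to close still reverts to "VPN required" once its lifetime has passed.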