[H-SASIG] Proposed changes to Excalibur
Raymond Smith
raymond at storybridge.org
Thu Dec 3 03:55:35 EST 2009
As far as I know, it was always possible for HUMBUG sysadmins to SSH
to caliburn from the meeting. There may have been a time when you had
to first log into hydra, but all sysadmins had access to hydra anyone
so it was a moot point. In fact one of the motivations for hosting
caliburn at UQ was to maintain SSH access to that box.
Bringing the conversation back to topic: all this talk of security is
obscuring the point. The reason we need to change the port number is
(if I understood Russell) because that port is unavailable to the
virtual machine we have been offered. Likewise, the chroot hackery is
all because of the limitations of the virtual machine on offer.
Personally, I think this shows the problems of using a service which
does not provide us with complete control over a full machine.
However, given that the executive has decided to avoid spending money
on this we really cannot be choosers. Furthermore, I can't really
think of any way (other than access at meetings) that this would
degrade service. I guess the maintenance of the non-standard chroot
hackery is a potential cost in terms of time. But again, it doesn't
affect the service to members.
So -- I guess I'd like to see us get a proper virtual machine
somewhere, but failing that the plan (with modifications discussed)
does not sound too bad to me.
Cheers,
Raymond
More information about the Sasig
mailing list