SSH Access to VMs
Provide a means to SSH into the VM should the build fail, so the submitter can debug the issue themselves.
Comments (6)
-
-
reporter Only Gentoo infra has access to Gentoo LDAP, and this won't be running on Gentoo infra for now (I could ask for an exception, but I don't know if it'll be allowed). There'll be a page where you can set your SSH keys for access into the VMs.
-
Each developer has read access to sshPublicKey field of other developers, so you can fetch pubkeys using your own account on a regular basis (e.g. daily) or ask infra for a special purpose account.
-
As a user, I'd like to be able to offer a VM on my workstation for a tinderbox cluster node. If that were possible, I don't think any devs would want to trust the security of such an environment with authentication credentials. So if a tinderbox cluster node were to be a thing, the security of its connection to Gentoo LDAP (if such a thing were present) should be considered.
-
reporter This may surprise you, but I'm not a Gentoo developer. The larger issue, though, is that Gentoo LDAP servers do not allow connections from machines not run by the Gentoo Infra team, so I can't query LDAP at all from a machine that isn't blessed. Thus, requiring people to provide their SSH public keys on the web interface to be able to log into the VMs is the only viable method.
-
This may surprise you, but I'm not a Gentoo developer
Ah, sorry, I missed that, even more thanks for your work :) I have no further objections.
- Log in to comment
Using public SSH keys from LDAP should be the most convenient way for developers, though I don't know if it will be easy to implement.