Request: add my SSH public keys to the set of authorized keys on the INRIA server #127
Comments
|
I suggest creating a dedicated user account for ahelwer to keep the upload account separate in case there is a compromise of either account. I can add the github private key as a repository secret here. |
|
@ahelwer: do you mean adding these keys for a limited time while you debug the CI scripts ? Otherwise I agree it's better to create a separate account for you. |
|
Yes this would only be necessary while I write/debug the CI scripts. I guess I'm not entirely sure whether my own user account would be sufficient because I want to (1) replicate the method of distribution for the tla2tools.jar but with TLAPM and (2) update the TLAPM Inria docs automatically (https://tla.msr-inria.inria.fr/tlaps/content/Home.html) so whether my own account would be sufficient to learn/modify the current setup is dependent on what the current setup even is, which I do not know. Perhaps a user account where I at least have read access to all other users' home directories would be sufficient. Then I can clone the setup to some test server I setup on Azure or something. |
kuppe@tla:~$ ls -lah /home/github/
total 56K
drwxr-xr-x 9 github github 4.0K Apr 2 2020 .
drwxr-xr-x 9 root root 4.0K Apr 1 2020 ..
-rw------- 1 github github 416 Apr 2 2020 .bash_history
-rw-r--r-- 1 github github 220 Apr 1 2020 .bash_logout
-rw-r--r-- 1 github github 3.5K Apr 1 2020 .bashrc
drwxr-xr-x 2 github github 4.0K Apr 1 2020 bin
drwx------ 3 github github 4.0K Apr 1 2020 .cache
drwx------ 4 github github 4.0K Jun 22 2022 .config
drwx------ 3 github github 4.0K Apr 1 2020 .gnupg
drwx------ 3 github github 4.0K Apr 1 2020 .local
-rw-r--r-- 1 github github 807 Apr 1 2020 .profile
drwx------ 2 github github 4.0K Apr 1 2020 .ssh
drwxr-xr-x 6 github github 4.0K Sep 17 2020 upload
-rw------- 1 github github 786 Apr 1 2020 .viminfo
kuppe@tla:~$ ls -lah /home/github/upload/
total 24K
drwxr-xr-x 6 github github 4.0K Sep 17 2020 .
drwxr-xr-x 9 github github 4.0K Apr 2 2020 ..
drwxr-xr-x 3 github github 4.0K Apr 28 00:54 dist
drwxr-xr-x 14 github github 4.0K Apr 28 00:40 doc
drwxr-xr-x 2 github github 4.0K Apr 28 01:30 products
drwxr-xr-x 5 github github 4.0K Apr 28 00:54 repository
|
|
Can you create a user account then please? This is entirely about making iteration time as small as possible. |
|
You should be able to log in the machine. By the way, the TLAPS documentation could also be uploaded to Github pages, hosted at |
|
@lemmy that might be an easier route to go for the docs actually. IIRC all you'd need to do is activate github pages in the repo settings, set it to serve from |
|
Apparently, there is already https://proofs.tlapl.us/ 
|
|
@ahelwer I will deactivate your account to minimize the attack surface if you no longer need SSH access to the Inria machine. |
|
Still needed for uploading binaries. Could you switch it to serve from main? |
|
Are binaries also uploaded to Github? Why don't you use the github account for that? |
Switched |
I will, but would still like access until that feature is complete. |
For CI development we want to:
For CI development iteration speed I need access to the INRIA server so I can see directory layouts and try out commands before putting them in a CI script. Could @lemmy @damiendoligez or @muenchnerkindl please add the following keys to the
/home/github/.ssh/authorized_keysfile on the INRIA server so I have access to thegithubuser account on there?The private key counterparts reside in hardware U2F tokens so there is no risk of them being exposed (unless somebody robs my house).
Ref #125 (comment)
The text was updated successfully, but these errors were encountered: