Home
DevCentral
Search
Configure Global Search
Log In
Transactions
T1628
Change Details
Change Details
Old
New
Diff
Zemke-Rhyne is a small bridge between Phabricator and our servers to fetch credentials stored on DevCentral. The Docker servers have the right to connect through SSH to a special account on a specific server (currently Ysul) with keys stored here too. There is a script to generate the SSH authorized_files with those keys (and metadata like the IP of the server matching this key). **Reproduce steps:** While Phabricator can't answer: 1. Go to Ysul, switch to zr account 2. `make clean all` **Expected result:** - any error handling (e.g. an exception thrown) - it doesn't recreate the .ssh/authorized_files (or creates it as a blank file) **Actual result:** It silently creates the file .ssh/authorized_files without raising any warning, without key. **Fix** Fix to implement in rZR: - https://devcentral.nasqueron.org/source/zemke-rhyne/browse/master/lib/GetPublicKeys.php is the script called to regenerate ~zr/.ssh/authorized_files - https://devcentral.nasqueron.org/source/zemke-rhyne/browse/master/lib/GetPublicKeys.php$61 is the method used to fetch a public key
Zemke-Rhyne is a small bridge between Phabricator and our servers to fetch credentials stored on DevCentral. The Docker servers have the right to connect through SSH to a special account on a specific server (currently Ysul) with keys stored here too. There is a script to generate the SSH authorized_files with those keys (and metadata like the IP of the server matching this key). **Reproduce steps:** While Phabricator can't answer (e.g. because Phabricator container is down): 1. Go to Ysul, switch to zr account 2. `make clean all` **Expected result:** - any error handling (e.g. an exception thrown) - it doesn't recreate the .ssh/authorized_files (or creates it as a blank file) **Actual result:** It silently creates the file .ssh/authorized_files without raising any warning, without key. **Fix** Fix to implement in rZR: - https://devcentral.nasqueron.org/source/zemke-rhyne/browse/master/lib/GetPublicKeys.php is the script called to regenerate ~zr/.ssh/authorized_files - https://devcentral.nasqueron.org/source/zemke-rhyne/browse/master/lib/GetPublicKeys.php$61 is the method used to fetch a public key
Zemke-Rhyne is a small bridge between Phabricator and our servers to fetch credentials stored on DevCentral. The Docker servers have the right to connect through SSH to a special account on a specific server (currently Ysul) with keys stored here too. There is a script to generate the SSH authorized_files with those keys (and metadata like the IP of the server matching this key). **Reproduce steps:** While Phabricator can't answer
(e.g. because Phabricator container is down)
: 1. Go to Ysul, switch to zr account 2. `make clean all` **Expected result:** - any error handling (e.g. an exception thrown) - it doesn't recreate the .ssh/authorized_files (or creates it as a blank file) **Actual result:** It silently creates the file .ssh/authorized_files without raising any warning, without key. **Fix** Fix to implement in rZR: - https://devcentral.nasqueron.org/source/zemke-rhyne/browse/master/lib/GetPublicKeys.php is the script called to regenerate ~zr/.ssh/authorized_files - https://devcentral.nasqueron.org/source/zemke-rhyne/browse/master/lib/GetPublicKeys.php$61 is the method used to fetch a public key
Continue