30 Nov 2021 |
proletarius101 | In reply to @_oftc_jochensp:matrix.org proletarius101: I don't have access to gcc136 (only tunnel, no shell) i see | 12:50:30 |
jochensp | _hc: ^ | 12:51:09 |
proletarius101 | solved with Hans | 12:59:49 |
_hc | I forgot to add his key to the tunnel user | 13:00:54 |
_hc | would be nice to have all this in ansible... | 13:01:21 |
jochensp | I recommend a ssh CA | 13:01:39 |
_hc | the idea of setting up a CA gives me shivvers | 13:02:23 |
_hc | I've done it with TLS... | 13:02:35 |
jochensp | ssh is not TLS ;) | 13:02:50 |
jochensp | https://www.lorier.net/docs/ssh-ca.html | 13:03:36 |
jochensp | I would recommend to disable ~/.ssh/authorized_keys as well | 13:04:54 |
jochensp | hm.. buildserver is building again but no publish and now fdroiddata update :/ | 13:37:00 |
jochensp | ..or rather, fdroiddata was update but to a version 4 days ago | 13:37:47 |
_hc | yeah that's not something I'm going to take o | 13:42:10 |
_hc | * yeah that's not something I'm going to take on | 13:42:28 |
_hc | ssh-ca | 13:42:33 |
jochensp | I would do it if I would be root ;) | 13:46:00 |
_hc | aren't you? | 13:46:16 |
jochensp | at least not on gcc136 | 13:46:45 |
_hc | but really, anything set up should be put in the ansible | 13:46:46 |
_hc | fdroid-cfarm-... is the bare metal | 13:47:03 |
_hc | fdroid-bootstrap-buildserver are the instances | 13:47:12 |
jochensp | what do you mean by fdroid-cfarm-...? | 13:47:47 |
_hc | I forgot the whole name, its a project on gitlab.com/fdroid | 13:50:54 |
jochensp | fdroid-cfarm-bootstrap, got you | 13:51:38 |
jochensp | though that seems to be only fdroidGcc147 | 13:53:09 |
_hc | that was used on gcc136, 137, and others | 14:42:42 |
_hc | maybe all 5, I don't remember exactly | 14:42:49 |
jochensp | hm.. I can access 147 and 148, 136 gives "Permission denied", 137 "No route to host" and 149 a password prompt | 14:54:20 |
_hc | I guess 137 is down, that can be reported on the gcc cfarm's website | 15:09:47 |