[Rack] Secretary account

Jonathan Lassoff jof at thejof.com
Thu Aug 21 06:35:28 UTC 2014 

On Wed, Aug 20, 2014 at 11:16 PM, Torrie Fischer
<tdfischer at hackerbots.net> wrote:
>
>
> On August 20, 2014 10:30:57 PM PDT, Andy Isaacson <adi at hexapodia.org> wrote:
>>On Wed, Aug 20, 2014 at 09:41:34PM -0700, Torrie Fischer wrote:
>>> Is there some kind of shared secretary shell account on
>>noisebridge.net?
>>
>>There's no shell account but we do have a secretary@ alias that goes to
>>the secretary
>
> I think I should be added to that now. Naomi and Tom can vouch for that.
>
>>
>>> I'd like to have this new reincarnation of secretaribot in a crontab
>>> running somewhere that people who aren't me can access, through a
>>> shared shell account with pubkey authentication.
>>
>>That sounds like a good plan!  I'd prefer that it not be on the
>>webserver, though, that seems like a poor combination of security
>>roles.
>>
>>I think secretaribot used to run on the pony vm.
>
> RIP pony
>
>>
>>> I've also got this big bundle of membership forms. They only exist in
>>> paper format which makes me nervous. I'd like to scan them and keep
>>> them in encrypted storage on nb.net as a backup and be very cautious
>>> about who has the keys. I think this might help lower the bus factor
>>> that has previously plagued us.
>>
>>Also seems pretty reasonable.  Shall we get an administrivia server set
>>up for such internal roles?  Do we want it to be a VM on a cloud
>>somewhere or would we prefer actual hardware?
>
> I'd prefer something not easily accessible because physical security to what has traditionally been considered very private information is good. Note that I'm not saying this should be the only or even canonical repository of data, but there's been enough controversy around the slightest hint of public listing that omg no I don't want to go there.
>
> Tight by default until consensus figures out what's a good answer to "how open".
>
> I leave it up to rack@ to figure out implementation details. I believe my ssh key is on the wiki. <3

It can be difficult to secure online systems.
How about images on some USB flash sticks?
Seems like the easiest way to assuage doxing fears.

Yay for backups beyond "the binder".
>
>>
>>-andy
>
> _______________________________________________
> Rack mailing list
> Rack at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/rack

More information about the Rack mailing list