x/build/internal/coordinator/remote: add certificate authentication to SSH server #52594
Labels
Builders
x/build issues (builders, bots, dashboards)
FrozenDueToAge
NeedsFix
The path to resolution is known, but the work has not been done.
Milestone
Comments
cagedmantis
added
Builders
16 tasks
|
Change https://go.dev/cl/405258 mentions this issue: |
|
Change https://go.dev/cl/405255 mentions this issue: |
|
Change https://go.dev/cl/405257 mentions this issue: |
|
Change https://go.dev/cl/405256 mentions this issue: |
gopherbot
pushed a commit
to golang/build
that referenced
this issue
May 16, 2022
This change refactors the SSH Server used by the coordinator. Portions of the server have been moved into the internal/coordinator/remote package and are being prepared for the addition of a different authentication scheme. Updates golang/go#52594 For golang/go#47521 Change-Id: Ib1e961ea6d27c861f787068d237a02a47b6b0a2c Reviewed-on: https://go-review.googlesource.com/c/build/+/405255 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Run-TryBot: Carlos Amedee <[email protected]> Reviewed-by: Alex Rakoczy <[email protected]> Auto-Submit: Carlos Amedee <[email protected]>
gopherbot
pushed a commit
to golang/build
that referenced
this issue
May 16, 2022
This change moves the SSH handlers into the internal packages. It also adds the handler which will use the session pool instead of the remote buildlets. Updates golang/go#52594 For golang/go#47521 Change-Id: I7e99fdbb16e0f80a871696cec79a9b638354e662 Reviewed-on: https://go-review.googlesource.com/c/build/+/405257 TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Carlos Amedee <[email protected]> Reviewed-by: Carlos Amedee <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Run-TryBot: Carlos Amedee <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
gopherbot
pushed a commit
to golang/build
that referenced
this issue
May 16, 2022
… status This adds the gomote instances to the status page presented at farmer.golang.org. Updates golang/go#52594 For golang/go#47521 Change-Id: I29c73262031fc95cc85cdb43734da49149c958b3 Reviewed-on: https://go-review.googlesource.com/c/build/+/405258 Reviewed-by: Dmitri Shuralyov <[email protected]> Run-TryBot: Carlos Amedee <[email protected]> Auto-Submit: Carlos Amedee <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Alex Rakoczy <[email protected]>
|
Change https://go.dev/cl/415679 mentions this issue: |
gopherbot
pushed a commit
to golang/build
that referenced
this issue
Jul 11, 2022
This change checks that the owner ID which has been set in the certificates principals correspond with the session being authenticated. The certificate contains the session ID and owner ID in the principals section. The session ID is checked before the owner ID is checked. For golang/go#52594 Change-Id: I5cedde248e01cbec22bf1c4c77aabf29a1edb2a7 Reviewed-on: https://go-review.googlesource.com/c/build/+/415679 Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Run-TryBot: Carlos Amedee <[email protected]> Auto-Submit: Carlos Amedee <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This tracks the adding of OpenSSH certificate authentication to the coordinator SSH server.
This is a component of the project to revamp the security model used by gomote #47521
https://github.com/orgs/golang/teams/release
The text was updated successfully, but these errors were encountered: