[NCUC E-team] Hosting the NCUC E-Platform
David Cake
davecake at gmail.com
Tue Mar 5 03:19:53 CET 2013
On 04/03/2013, at 10:01 PM, Tapani Tarvainen <ncuc at TAPANI.TARVAINEN.INFO> wrote:
> On Mar 04 16:44, Wilson Abigaba (wilson at isoc.ug) wrote:
>
>> Ok, Could we have the details so that we start work, please?
>>
>> We need to create the VPS.
> General idea should be that everything is documented well
> enough that if someone's run over by a truck, another
> person can pick up from there.
> In particular, everything done as root should be documented
> well enough that another linux-knowledgeable person can
> redo it without much thinking.
> I'm in the habit of writing log files with cut'n'paste-able
> commands showing exactly what I've done, in addition
> to short comments explaining what they're for.
> (I use emacs with macros for automatic timestamping,
> but that's less important.)
> I'd also like to set up automatic saving of root
> shell histories.
This sounds reasonable.
> And all admins should have their own logins rather
> than using root directly, preferably using only
> ssh with rsa authentication, and perhaps
> even that limited to specific IPs.
Unless those IPs are of intermediary servers (which would be a system that I would hate), limiting to specific IPs would quite likely be a problem, very inconvenient for those (like me) whose ISP might change static IP on them, but I can also imagine a situation in which all the team are travelling to the same meeting and so most or all may have difficulty accessing via the correct IPs.
I'm in favour of ssh with RSA, and happy to trust that for security.
Regards
David
More information about the E-team
mailing list