OCaml Forge

Forum: ssh-access-to-forge.ocamlcore.org

Posted by: Sylvain Le Gall
Date: 2008-04-30 16:51
Summary:SSH access to forge.ocamlcore.org
Project:Site Admin

For security reasons, SSH access is restricted. For general information, since ocamlcore.org is online, we already have a lot of brute force attacks.

There is two main security measures:
- You cannot login to any *.ocamlcore.org site, using SSH, without a key. There is no password authentification.
- If there is too many failed login attempts from an IP address, this IP is banned and cannot do further authentification attempts.

The SSH key restriction leads to message like "Permission denied (publickey)". The IP banning leads to message like "Connection closed by foreign host".

To have a valid SSH key to login into your SSH account or to access services over ssh (SVN, CVS, git, hg, darcs), you need to import a valid ssh public key. You should follow the instruction on your account page:
https://forge.ocamlcore.org/account/editsshkeys.php

To manage your key, you should consider editing your ~/.ssh/config and add:

Host *.ocamlcore.org
User XXX
IdentityFile ~/.ssh/ZZZ


The SSH key are synced by a cronjob, you need to wait for it, before being able to login (wait for something like 2 hours).

This kind of security measures is very important. If someone is able to login, he will be able to destroy, alter or stop the service. If you key has been stolen, you should remove it from your account preferences.

Latest News

Migration starting this evening, bzr disabled for now

Sylvain Le Gall - 2014-10-28 09:48 -

OCaml Forge maintenance

Sylvain Le Gall - 2014-10-15 06:58 -

Handling spam on the forge

Sylvain Le Gall - 2013-10-25 22:41 -

SSL up again, special thanks to Gabriel Kerneis

Sylvain Le Gall - 2013-10-01 22:03 -

Discussion Forums: ssh-access-to-forge.ocamlcore.org

Monitor Forum | Start New Thread Start New Thread
Topic Topic Starter Replies Last Post
  ssh host key fingerprints
ygrek
02008-05-14 12:32