Secure Remote Callback Support

  • Swimlane: Instance Features
  • Column: Parking Lot
  • Position: 5
  • Assignee: not assigned
  • Creator: AndrewCz
  • Assigned Group: not assigned
  • Started:
  • Created: 2021/04/11 02:21
  • Modified: 2022/01/22 11:57
  • Moved: 2022/01/22 11:57
Description

Why: We need a way to secure callback support to clients in the event that their instance needs maintenance via root. This would open up a way for us to SSH into it that was otherwise unavailable before they initiated the callback.

DONE: The clients can click a button on Portal to initiate a support callback tunnel for us to hook into and SSH as root into the server.

HOW:

  • https://andrewcz.com/jekyll/2017/callback-service-for-desktop-support/
  • we'll need a break-glass solution in case this is not available.
    • we could always use the admin user as long as we have the password to the vault
    • but if portal is down, we can't log in to Portal, and will need some other way in.
    • This would preferably be through DigitalOcean, and trigger a support email to the client be sent out.
  • We should have this on some sort of a dead man's switch so that no box can get locked out forever.
Sub-Tasks
Internal links
This task is duplicated by (1) Assignee Time tracking
#2157 Secure Remote Callback Support (OurCompose Projects Q4 2021 - Done) AndrewCz
Comments