[arch-devops] security at archlinux.org address
Jelle van der Waa
jelle at vdwaa.nl
Mon Feb 11 20:35:36 UTC 2019
For security at archlinux.org the Security Team wants to set up a way for
reporters to securely mail encrypted issues to our email address. To
limit the bus factor we want to send those emails to multiple receivers
and then handle and/or forward the information appropriately. Schleuder
provides a solution to this issue by decrypting the sent email and
re-encrypting it to the Arch Security team members.
Since this requires a GPG key to be on the server, we want to implement
this securely and hook up a nitrokey pro 2 to a separate Hetzner
dedicated server. This server serves the sole purpose of hosting the
security mail address. Installing by Hetzner costs 18 euros (excl.
VAT).
Options:
* Cheapest Hetzner server 34 euro / month and 40 euro setup fees.
* Hetzner auction server ~ 25 / month and no setup fees.
* Different dedicated server hoster which allows custom usb devices.
Benefits:
* Key can’t be recovered by an attacker who has access to the server.
* Receivers don’t need a shared private key but only their own.
* Separate server so no other software can influence/impact.
Downsides:
* Nitrokey is out of our control, but we trust Hetzner already (i.e. they
could easily hook up a malicious USB/BMC device already and gain root
privileges).
* Server dies, the Nitrokey has to be moved to the new server.
Questions:
* How to update the key, handle key expiration?
* Do we backup the key? Let someone have a separate nitrokey?
Setup:
* Levente (anthraxx) volunteered to acquire, set up key (+revocation) and
get it to Hetzner.
--
Jelle van der Waa