Hacker News new | past | comments | ask | show | jobs | submit login

What about using Google Cloud Shell (https://cloud.google.com/shell/docs/; free, open to anyone with a Google account) as a jump host to your servers? Or using GCE's ssh-in-the-browser feature (https://cloud.google.com/compute/docs/ssh-in-browser) to connect to your own GCE VM (not free, in this case) and using it as jumphost?

Both Cloud Shell and SSH-in-the-browser use an in-browser SSH client, so the connection is encrypted all the way and not MITMable.

p.s. full disclosure: I work at Google on the team that maintains both of the above.




Azure also has a similar feature (https://azure.microsoft.com/en-ca/features/cloud-shell/) with built in VS code based IDE.


Cloud shell allows Google to see what I type on the shell machine. So if I ssh from there into the target, nothing is gained and it's MITMable by Google. The only difference is that it's less likely to happen.


That's fair. Although there are pretty tight internal controls on what Google can do on your Cloud Shell, you have to put a certain level of trust into Google here. Getting your own GCE VM and using SSH-in-the-browser is arguably more secure. Last I checked an f1-micro VM would suffice and fits under the 'always free' GCE cap.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: