Hacker News new | past | comments | ask | show | jobs | submit login

The writeup is interesting. As a security conscious developer (and with quite a lot of experience with deployments of multi-server systems) I wonder if there's a comprehensive, coherent guide in order to do The Right Thing security-wise in such scenarios. Multiple interacting servers, multiple developers, continuous delivery... I think that Google's BeyondCorp approach is rather different than this (and SSH would be publicly exposed) but has an inherent level of complexity which would be hard to cope with in a small org.

Check out https://infosec.mozilla.org/guidelines/openssh for a nice overview of best-practices on SSH.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact