Insecure defaults from the setup instructions #90
Comments
|
Agreed. Can we collect some suggestions / thoughts?
Thoughts? |
|
Hi Nathan, Glad that this resonates. My suggestions are in the original issue:
I also think your idea about adding IP tables rules to prevent access to all of the above sounds good in principle. In practice Docker interferes with iptables and makes it impractical to achieve that result. |
|
Example of inlets with HTTPS provided by Caddy, Caddy has an open usage license now can also decorate endpoints with basic auth as required for things like Kibana. https://blog.alexellis.io/https-inlets-local-endpoints/ |
|
First step is to add a warning on the website explaining that this is an insecure example while we're investigating an actual fix. |
mrmrcoleman
added
the
priority/critical-urgent
|
@gianarb I saw you closed the other script relating to ports. I think this one needs addressing rather than closing. Hopefully I can pre-empt you there. |
|
This issue is ALWAYS in my mind! Yep we started something here #232 . I think the same concept I tried to describe there applies here, but who knows, Kibana is not even part of the stack anymore. |
tstromberg
added
the
kind/documentation
After following the setup instructions, all services appear to be directly exposed on the Internet which is never a good idea, Kibana for instance has no authentication or TLS configured.
Please consider removing this default in favour of accessing the dashboards via SSH tunnels or by using inlets.
Do the nodes even need a public IP? I hear that Packet now supports nodes with no public IPs, perhaps the terraform could provision a tiny Type0 to run Nginx as a reverse proxy with auth?
These are the ports that are open:
I do not consider this to be a security advisory that needs to be handled via backchannels or email, this is probably just an oversight. If the team feel otherwise I can remove the issue.
The text was updated successfully, but these errors were encountered: