Most environments I use restrict login to shell servers. This makes a lot of sense, from the perspective of limiting attack surface areas. I’ve adjusted my working environment over time to take advantage of this type of environment.

The basics

First of all, security in an environment like this is important. I restrict my login to key based login. I protect my key with a password. I don’t put my key on removable media. I keep a strong password on my key. I use full disk encryption for the system my key is on. I keep an encrypted backup of my key in a safe, located somewhere my computer isn’t kept.

The OpenStackManager extension is a web interface for OpenStack, and a manager for a fully integrated test and development network being written primarily for Wikimedia Foundation use.

This is a features and bugfix release of the OpenStackManager extension. There have been extensive changes since the last release. I’ll try my best in the future to do releases more often to avoid having changelogs this long. The following has changed:

• Added support for managing sudo policies. Currently supports adding, modifying and deleting sudo policies with sudouser, sudohost, sudocommand, and sudooptions attributes. Requies wiki admin privileges to use the special page.