Online Customer Meetup: Securing XL Deploy Overthere SSH Hosts with SUDO
At XebiaLabs, we talk a lot about the value of our agentless technology. Some reasons why agents are not a good idea are that the process of installing agents on all of your servers is tedious, there is overhead associated with maintaining agents, and risk associated with relying on your vendor to identify and fix security vulnerabilities in a timely manner. For these reasons, we use the same trusted technologies that you would normally use to access your systems. On Unix, that would be ssh, sudo, and su — the industry standards for providing secure access to your remote Unix systems. With all of the resources in the development communities for these tools, any potential security vulnerabilities are quickly identified and patched. The patches are quickly made available by the OS providers and applied to your systems by your local admins.
In this customer-only online meetup, we:
- Demonstrate a few of the possible configurations that can be used to tightly control access to the Unix systems
- Show the advantages of using a tool like XL Deploy to control who can execute deployments while maintaining a log of all actions that were done
- Explain how, in addition to the audit logging in XL Deploy, using sudo provides additional logging of all commands