Magnus Hagander wrote:
> >> I assume most buildfarm clients are off static IPs (at least as seen
> >> from the servers - they may be behind a NAT device, but that one
> >> having static out)? If so, it seems simply easier to use pserver...
> >>
> >
> > Yes, I think we should have a VM. Is that so hard to do in these days of Xen
> > etc? I'm surprised we can't run up a VM pretty much at the drop of a hat.
>
> In the new infrastructure, it is.
>
> The main resource that's limited really is IP addresses ;)
>
>
> > I was suggesting that the accounts would be protected using ssh keys.
> > Password and IP address protection seem pretty weak to me. Passwords can be
> > sniffed or attacked using brute force. IP addresses can be spoofed. But
> > you're the SA, not me.
>
> I prefer keys. But I don't want those users on the same VM as
> important services, because passphrase-less keys are a lot more likely
> to be compromised than the keys of say a regular committer...
Stupid question, but can't we just create a CVSROOT fed from git, and
use the normal CVS server to feed sites?
-- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB
http://enterprisedb.com
+ It's impossible for everything to be true. +
