cyph
Rundeck
Our great sponsors
cyph | Rundeck | |
---|---|---|
7 | 26 | |
366 | 5,311 | |
0.3% | 1.2% | |
9.3 | 9.9 | |
about 1 month ago | 5 days ago | |
TypeScript | Groovy | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cyph
-
Ask HN: Why no browser-based E2E encryption?
[where this model breaks down] -- Alice and Bob go to your website and have a conversation. Eve hacks into the website and modifies the E2EE code. She can switch between serving the normal webapp and the malicious non-E2EE webapp. There's no good way to detect it. There are people out there who really like end to end security, but don't like browser-based e2ee because it doesn't have end to end security.
Note: https://www.cyph.com/ is a bbE2EE chat system.
-
E2EE on the web: is the web that bad?
If we do care about the delta in security model between the web and other platforms, then we could build some kind of code bundling and signing mechanism for web applications, perhaps with some kind of transparency layer on top to make the code publicly auditable and make it harder to target specific users with malicious code. A bundling/signing/transparency solution for the web could probably be built out of some of a collection of mechanisms that already exist or have at least been explored. Related ideas include Subresource Integrity, Isolated Web Apps, Signed Exchanges and Web Packaging, Meta’s Code Verify extension, and source code and supply chain transparency proposals.
Incidentally, I've actually just recently developed a solution to this exact problem: https://www.websign.app.
WebSign started a while back as an internal framework used by the Cyph E2EE messenger (https://www.cyph.com), and @eganist and I gave a talk that covered part of the architecture at Black Hat and DEF CON. Now we have a static web hosting service built around it for others to use, which takes care of bundling and code signing during deployment.
If anyone here has a use case for it, we're looking for pilot customers now. Just shoot me an email at [email protected].
- r/crypto - Cyph - Encrypted Messenger
- Cyph - Encrypted Messenger
-
Graph of Keybase commits pre and post Zoom acquisition
https://github.com/cyph/cyph
It would be wasteful to throw away the Web of Trust (people with handles to keys) that everyone entered into Keybase. Hopefully, Zoom will consider opening up the remaining pieces of Keybase if not just spinning the product back out to a separate entity?
W3C DIDs and https://blockcerts
From https://news.ycombinator.com/item?id=19185998 https://westurner.github.io/hnlog/#comment-19185998 :
> There's also "Web Key Directory"; which hosts GPG keys over HTTPS from a .well-known URL for a given user@domain identifier: https://wiki.gnupg.org/WKD
> GPG presumes secure key distribution
> Compared to existing PGP/GPG keyservers [HKP], WKD does rely upon HTTPS.
Blockcerts can be signed when granted to a particular identity entity:
> Here are the open sources of blockchain-certificates/cert-issuer and blockchain-certificates/cert-verifier-js: https://github.com/blockchain-certificates
Rundeck
-
Python script manager
I don't use it myself, but I think rundeck might be what you're looking for
- self hosted Alternative to easycron.com?
-
Best (Python) Script Orchestrator?
Have a look at rundeck.org
-
Job options visible on the left side of the job summary screen
Not possible at this moment, please suggest that here.
-
Killing an unkillable job.
Hi, that's an odd issue (never happened on my env, but reported here), you can try this or this.
-
Any multi-vps control panel to manage screens and containers?
If you want a web panel, I believe you could achieve that with Rundeck.
-
LDAP notes
I found this info here and here.
-
Process Automation and Rundeck version 4.5.0 is live!
Changing default SCM SSH authentication to SSHJ: The SCM integration now uses SSHJ for SSH authentication by default (previously JSCH). GitHub has tightened up their SSH key requirements and now requires SSH-RSA 2 keys. The new default for ssh-keygen via OpenSSH is not supported by JSCH.
-
How to setup a containerized python environment? Function as a Service or an alternative solution for a Python execution environment.
Firstly, I tried Rundeck and Apache Airflow. They are complete overkill for what I want to do. Then I found Cronicle which is light enough, besides it can pull double duty as a general purpose scheduler.
-
Important Advisory: PagerDuty Process Automation On Prem / Rundeck Key Pair Misconfiguration
Yesterday we posted a Security Advisory to Github for a critical vulnerability in Rundeck Community and Rundeck Enterprise Docker images, versions 4.0 and earlier. Those Docker images contained a pre-generated SSH key pair in the default file path. If that key was used to configure SSH access to hosts, they would allow access to anyone with the exposed private key.
What are some alternatives?
client - Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
StackStorm - StackStorm (aka "IFTTT for Ops") is event-driven automation for auto-remediation, incident responses, troubleshooting, deployments, and more for DevOps and SREs. Includes rules engine, workflow, 160 integration packs with 6000+ actions (see https://exchange.stackstorm.org) and ChatOps. Installer at https://docs.stackstorm.com/install/index.html
Peergos - A p2p, secure file storage, social network and application protocol
semaphore - Modern UI for Ansible
Nomad - Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. Nomad is easy to operate and scale and has native Consul and Vault integrations.
SaltStack - Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:
kubernetes - Production-Grade Container Scheduling and Management
Apache ZooKeeper - Apache ZooKeeper
consul - Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
MCollective - MCollective Server and Client Puppet Module
Cronicle - A simple, distributed task scheduler and runner with a web based UI.
Cloudify