Important Advisory: PagerDuty Process Automation On Prem / Rundeck Key Pair Misconfiguration

This page summarizes the projects mentioned and recommended in the original post on /r/Rundeck

Our great sponsors
  • Mergify - Tired of breaking your main and manually rebasing outdated pull requests?
  • SonarQube - Static code analysis for 29 languages.
  • InfluxDB - Collect and Analyze Billions of Data Points in Real Time
  • Rundeck

    Enable Self-Service Operations: Give specific users access to your existing tools, services, and scripts

    Yesterday we posted a Security Advisory to Github for a critical vulnerability in Rundeck Community and Rundeck Enterprise Docker images, versions 4.0 and earlier. Those Docker images contained a pre-generated SSH key pair in the default file path. If that key was used to configure SSH access to hosts, they would allow access to anyone with the exposed private key.

  • affected-keys-checks

    Collection of remediation options for exposed key vulnerabilities

    If you think you may be impacted, use one of these options to scan your hosts for the exposed keys, delete any you find, and replace them with a new SSH key pair. You can find more information about the issue and resources for remediation here.

  • Mergify

    Tired of breaking your main and manually rebasing outdated pull requests?. Managing outdated pull requests is time-consuming. Mergify's Merge Queue automates your pull request management & merging. It's fully integrated to GitHub & coordinated with any CI. Start focusing on code. Try Mergify for free.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts