
I wanted to try it months ago... but I stopped when I read in the install documentation:

To configure passwordless sudo, open the /etc/sudoers file, and add a line of the form: %username ALL = (ALL) NOPASSWD: ALL

And the same user should have passwordless SSH access with a private key...



Honest question, what's the problem with that? Hinging admin access for some machine on an SSH key seems like a not too unusual practice?


From a security point of view, I am not comfortable giving a user unlimited access to the server. I don't know what solution pgEdge is implementing, but granting full access to the server when it should only operate on PostgreSQL is a security concern for me.


The Getting Started guide is definitely a different mindset than what we would recommend for Production Ready, particularly if there are specific security requirements in mind. With that being said, it should be more clear, so we've reported this to our documentation team to make sure it is!

It could do better for sure, but it's just a Get Started guide, I never consider that a Production Ready guide.
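Added example, not part of the thread or of pgEdge's documentation: a small Python audit that separates the unrestricted `NOPASSWD: ALL` form quoted above from a grant scoped to specific commands. The `svc_pg` and `backup` entries are constructed for contrast, and the parser is a simplification that only handles single-line user specifications with leading tags (no aliases, includes or line continuations).

```python
import re

# Constructed sample. Line 2 is the form quoted in the thread; the rest are made up.
SAMPLE_SUDOERS = """\
# constructed sample, not from any real host
%username ALL = (ALL) NOPASSWD: ALL
svc_pg ALL = (root) NOPASSWD: /usr/bin/systemctl restart postgresql
backup ALL = (root) /usr/bin/rsync
Defaults env_reset
"""

# who  hosts = [(runas)] [TAG: ...] command[, command ...]
SPEC = re.compile(r"^(?P<who>\S+)\s+(?P<hosts>[^=]+?)\s*=\s*"
                  r"(?:\((?P<runas>[^)]*)\)\s*)?(?P<rest>.+)$")
TAG = re.compile(r"^([A-Z_]+):\s*")
SKIP = ("#", "@", "Defaults", "User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias")

def parse_line(line):
    """Parse one single-line user specification; return None for anything else."""
    line = line.strip()
    if not line or line.startswith(SKIP):
        return None
    m = SPEC.match(line)
    if m is None:
        return None
    rest, tags = m["rest"], set()
    while (t := TAG.match(rest)):          # peel off leading tags such as NOPASSWD:
        tags.add(t.group(1))
        rest = rest[t.end():]
    return {"who": m["who"], "runas": m["runas"] or "root",
            "nopasswd": "NOPASSWD" in tags,
            "commands": [c.strip() for c in rest.split(",")]}

def audit(text):
    """Return (line_no, who, finding) for entries that widen privilege."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        e = parse_line(raw)
        if e is None:
            continue
        all_cmds = "ALL" in e["commands"]
        if all_cmds and e["nopasswd"]:
            findings.append((n, e["who"], "unrestricted-nopasswd"))
        elif all_cmds:
            findings.append((n, e["who"], "unrestricted"))
        elif e["nopasswd"]:
            findings.append((n, e["who"], "scoped-nopasswd"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_SUDOERS):
        print(finding)
```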



