engineyard / eydr

EY Disaster Recovery Recipes (Unsupported)
http://www.engineyard.com

SSH keys in git history #3

Closed jahio closed 9 years ago

jahio commented 10 years ago

This is less of an "issue" and more of a warning. If we want to open source this in the future, we need to rip out the SSH keys and create new history. Otherwise the public/private key used for the SSH tunnel would be visible to everyone, and that just sounds kinda bad.

emachnic commented 10 years ago

@jaustinhughey Can you point to where they are? Is there any reason we need to have them in the history or should we just remove them?

jahio commented 10 years ago

We don't need them in the history but the codebase makes use of them now. So this is just a warning that before we open source this, we should purge all keys from this repo and its history, and create sample files that explain what needs to be there instead.

https://github.com/engineyard/eydr/blob/master/lib/ey_cloud/cookbooks/ssh_key_connection/files/default/tunnel
https://github.com/engineyard/eydr/blob/master/lib/ey_cloud/cookbooks/ssh_key_connection/files/default/tunnel.pub

emachnic commented 10 years ago

I see what you're saying. If we git rm --cached on those, would that work and would this require some refactoring to look for the keys elsewhere?

jahio commented 10 years ago

I don't think rm --cached is going to remove the history, will it?

       --cached
           Use this option to unstage and remove paths only from the index. Working tree files, whether modified or not, will be left alone.

So if I understand that right, even after this you'd be able to go back into the commit history right here on GH and see little green and/or red lines where the private key was removed or added.

mdolian commented 9 years ago

Closing because outdated.
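
An added example, not part of the original thread or the eydr repository: it builds a throwaway repository with a constructed placeholder key file named `tunnel`, runs `git rm --cached` as asked about above, and checks whether the key is still readable from an earlier commit. The function names and the key contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread or the eydr repo). The repository, the
# file name "tunnel" and the key body are constructed placeholders.

# List "<commit>:<path>" for every commit reachable from any ref whose tree
# holds a file containing a PEM/OpenSSH private-key header.
key_hits_in_history() {
  repo=$1
  revs=$(git -C "$repo" rev-list --all)
  [ -n "$revs" ] || return 0
  # Word splitting of $revs is intended: one tree-ish argument per commit.
  git -C "$repo" grep -l -e 'BEGIN [A-Z ]*PRIVATE KEY' $revs || true
}

# Commit a placeholder key, untrack it with `git rm --cached`, then report
# whether HEAD still tracks it and how many historical commits expose it.
demo_rm_cached() {
  repo=$(mktemp -d)
  git -C "$repo" init -q
  git -C "$repo" config user.email demo@example.invalid
  git -C "$repo" config user.name demo
  git -C "$repo" config commit.gpgsign false
  printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' \
    'CONSTRUCTED-PLACEHOLDER-NOT-A-KEY' \
    '-----END OPENSSH PRIVATE KEY-----' > "$repo/tunnel"
  git -C "$repo" add tunnel
  git -C "$repo" commit -q -m 'add tunnel key'
  git -C "$repo" rm -q --cached tunnel
  git -C "$repo" commit -q -m 'stop tracking tunnel key'

  if git -C "$repo" ls-files --error-unmatch tunnel >/dev/null 2>&1
  then tracked=yes; else tracked=no; fi
  hits=$(key_hits_in_history "$repo" | wc -l | tr -d ' ')
  rm -rf "$repo"
  echo "tracked_at_head=$tracked history_hits=$hits"
}

demo_rm_cached
```

Pointing `key_hits_in_history` at a real checkout lists the commits that still expose a key, which is the history the thread says must be recreated before open sourcing.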