[RFE] Add a tamte SSH Server
jtudelag opened this issue · 5 comments
So, I love tmate, and It would be grate to have a dedicated tmate ssh server deployed among with the other collaboration tools.
I mean, tmate just works fine, but it relies on tmate.io, so to have a private tmate ssh server would make us independent from a 3rd party, giving us more freedom and avoiding any security/data leak concern.
Given said that, not sure how easy is to set up one. Tamte people already have one repo to dpeloy it on k8s.
If you can deploy it on k8s you can deploy it on OpenShift. What would be the use case for an ssh server? How would this help with collaboration of remote teams? Not clear on that.
Hey, sorry, maybe I did not explain myself correctly
Tmate is a tmux fork for terminal sharing, so it is a pretty good collaboration tool for pair programming for example.
It works out of the box using tmate.io service, but you can use your own SSH private server if you want (for security reasons for example).
Ok understood, I am happy to help get this integrated. What we need is to first get it running on k8s/openshift. Once we have that I can take a look about getting it integrated into podium. Maybe you can work on setting this up in environment and then either getting me the outputs of the k8s objects (deployment, service, route, etc) or just give me access to environment?
While tmate certainly is a very useful tool and I can see it fit perfectly into the Podium workspace, there is a severe security issue that forbids to integrate the current implementation of tmate into Podium. tmate requires SYS_ADMIN capability which basically circumvents all SELINUX rules.
We have been careful to have all containers running in the Podium space to run without special privileges and we must keep it that way.