You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Information security is the top issue. IMPORTANT: This upgrade is not compatible with 0.2.x
Main Changes:
1. Your SSH private key is encrypted and protected.
As you may know, the HPC-NOW generates and manages SSH keys for you to connect with the cloud clusters. SSH private keys are sensitive, especially the global operator private key in the SSH_KEY_FOLDER:
For Microsoft Windows: C:\Programdata\hpc-now\now-ssh
For GNU/Linux: /usr/.hpc-now/.now-ssh
For macOS (Darwin): /Applications/.hpc-now/.now-ssh
Previously, the private keys were hidden, but not encrypted. Now, with this release, the private keys will be encrypted locally.
2. New commands added.
For developers, we introduced 2 important commands: hpcopr encrypt and hpcopr decrypt. These 2 commands are convenient for users to decrypt sensitive files of one or several clusters. Therefore, users can check the TF files, cloud secrets, as well as cluster users' passwords easily.
However, the hpcopr decrypt command is VERY RISKY!!!, and WE DO NOT RECOMMEND USE IT UNLESS YOU KNOW ALL THE CONSEQUENCES VERY CLEARLY:
The cloud secrets will be decrypted to the vault directory
The user passwords will be decrypted to the vault directory
The Terraform/openTofu files containing sensitive information will be decrypted to the stack directory
The users SSH private keys will be decrypted to the cluster's sshkey folder under SSH_KEY_FOLDER
Please do encrypt the decrypted files by using hpcopr encrypt as soon as possible.
We also added a CONTRIBUTING.md to this project, looking forward to your feedback and contributions!
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Information security is the top issue.
IMPORTANT: This upgrade is not compatible with 0.2.x
Main Changes:
1. Your SSH private key is encrypted and protected.
As you may know, the HPC-NOW generates and manages SSH keys for you to connect with the cloud clusters. SSH private keys are sensitive, especially the global operator private key in the
SSH_KEY_FOLDER
:Previously, the private keys were hidden, but not encrypted. Now, with this release, the private keys will be encrypted locally.
2. New commands added.
For developers, we introduced 2 important commands:
hpcopr encrypt
andhpcopr decrypt
. These 2 commands are convenient for users to decrypt sensitive files of one or several clusters. Therefore, users can check the TF files, cloud secrets, as well as cluster users' passwords easily.However, the
hpcopr decrypt
command is VERY RISKY!!!, and WE DO NOT RECOMMEND USE IT UNLESS YOU KNOW ALL THE CONSEQUENCES VERY CLEARLY:vault
directoryvault
directorystack
directorySSH_KEY_FOLDER
Please do encrypt the decrypted files by using
hpcopr encrypt
as soon as possible.We also added a CONTRIBUTING.md to this project, looking forward to your feedback and contributions!
HPC-NOW: Start your HPC journey in the cloud now.
This discussion was created from the release [BETA] Version of 0.3.1.0007 released!.
Beta Was this translation helpful? Give feedback.
All reactions