A malicious attacker gained access to codespaces.com Amazon EC2 control panel and deleted nearly all of their data, snapshots and backups included. They are now out of business.
This could have been prevented had they chosen to use two-factor authentication on their Amazon EC2 accounts. Proxmox should implement two-factor authentication so it can offer protections from stolen credentials. Personally I would like to see support for Yubikeys since I already use them. The libauth-yubikey-webclient-perl package provides a rather simple way to validate the One time Passwords generated by yubikeys. Very basic validation of the OTP: #!/bin/perl $api_id = "Obtain"; $api_key = "From Yubico https://upgrade.yubico.com/getapikey/";; $otp = $ARGV[0]; use Auth::Yubikey_WebClient; if ($otp) { my $yubi = Auth::Yubikey_WebClient->new({ id => $api_id, api => $api_key }); $result = $yubi->otp($otp); if ( $result eq "OK" ) { print "OK\n"; } else { print "BAD\n"; $yubi->debug(); } }
_______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
